TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. Attackers are able to login to the web application as an admin user.
References
Link | Resource |
---|---|
https://github.com/efchatz/easy-exploits/tree/main/Web/TP-Link/Replay | Exploit Third Party Advisory |
https://www.tp-link.com/us/support/download/archer-ax10/v1/#Firmware | Product Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-18T00:00:00
Updated: 2022-10-18T00:00:00
Reserved: 2022-09-26T00:00:00
Link: CVE-2022-41541
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-10-18T15:15:10.243
Modified: 2022-10-20T15:47:56.007
Link: CVE-2022-41541
JSON object: View
Redhat Information
No data.
CWE