Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command.
References
Link | Resource |
---|---|
https://jvn.jp/en/vu/JVNVU99392903/ | Third Party Advisory |
https://www.tp-link.com/jp/support/download/archer-c50/v3/#Firmware | Product |
https://www.tp-link.com/jp/support/download/archer-c55/#Firmware | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2023-09-06T09:27:44.114Z
Updated: 2023-09-06T09:27:44.114Z
Reserved: 2023-08-15T07:33:32.104Z
Link: CVE-2023-32619
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-06T10:15:13.650
Modified: 2023-09-11T13:35:49.373
Link: CVE-2023-32619
JSON object: View
Redhat Information
No data.
CWE