Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115", Archer AX5400 firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115", and Archer AXE75 firmware versions prior to "Archer AXE75(JP)_V1_231115".
References
Link | Resource |
---|---|
https://jvn.jp/en/vu/JVNVU91401812/ | Third Party Advisory |
https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware | Product |
https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware | Product |
https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2024-01-10T23:25:07.433Z
Updated: 2024-07-03T23:04:01.432Z
Reserved: 2024-01-04T00:17:52.223Z
Link: CVE-2024-21821
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-11T00:15:44.633
Modified: 2024-01-18T17:08:35.830
Link: CVE-2024-21821
JSON object: View
Redhat Information
No data.
CWE