Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115", Archer AX5400 firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115", Archer AXE75 firmware versions prior to "Archer AXE75(JP)_V1_231115", Deco X50 firmware versions prior to "Deco X50(JP)_V1_1.4.1 Build 20231122", and Deco XE200 firmware versions prior to "Deco XE200(JP)_V1_1.2.5 Build 20231120".
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2024-01-10T23:25:25.755Z
Updated: 2024-07-03T23:03:48.528Z
Reserved: 2024-01-04T00:17:53.070Z
Link: CVE-2024-21833
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-11T00:15:44.683
Modified: 2024-01-18T18:26:59.627
Link: CVE-2024-21833
JSON object: View
Redhat Information
No data.
CWE