| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
| CVE-2023-28760 | 2 Oct 202500:00 | โ | attackerkb | |
| The vulnerability of the MiniDLNA service in the TPDLNA/files.db file of TP-Link Archer AX20 (AX1800) routers allows a hacker to execute arbitrary code. | 17 Apr 202300:00 | โ | bdu_fstec | |
| CVE-2023-28760 | 24 Mar 202312:53 | โ | circl | |
| TP-Link AX1800 ๅฎๅ จๆผๆด | 2 Oct 202500:00 | โ | cnnvd | |
| CVE-2023-28760 | 2 Oct 202500:00 | โ | cvelist | |
| EUVD-2023-32395 | 3 Oct 202520:07 | โ | euvd | |
| CVE-2023-28760 | 2 Oct 202514:15 | โ | nvd | |
| PT-2023-2326 | 24 Mar 202300:00 | โ | ptsecurity | |
| CVE-2023-28760 | 3 Oct 202500:46 | โ | redhatcve | |
| SRC-2023-0003 : TP-Link Archer AX20/AX21 minidlnad db_dir Remote Code Execution Vulnerability | 4 Feb 202300:00 | โ | srcincite |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| BrowseMetadata* | request body | /ctl/ContentDir | Pre-authenticated RCE via crafted BrowseMetadata payload in ContentDir SOAP call | CWE-121 |
| {object_id}-si.jpg | path | /AlbumArt/{object_id}-si.jpg | Used in exploit flow to fetch hash and deliver crafted DB content for overflow | CWE-121 |
| stok | request body | /cgi-bin/luci/;stok=/login | Pre-authentication login endpoint used in PoC to access and prepare the device for exploitation | CWE-121 |
| sysauth | request body | /cgi-bin/luci/;stok=/login | Pre-authentication login endpoint used in PoC to access and prepare the device for exploitation | CWE-121 |
Data
Build on a solid foundation withย Vulners data
Weย provide theย essential building blocks forย cybersecurity solutions withย comprehensive, structured, andย constantly updated vulnerability andย exploits data
Api
Power your application withย Vulners API
The Vulners REST API offers reliable, high-performance access toย vulnerabilityย intelligence, withย 99.9%ย SLAย uptime andย CDN-backed data delivery forย seamlessย global access
App
Assess and manage vulnerabilities withย Vulnersย tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation