EUVD-2024-19445

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Multiple TP-LINK products let attackers execute OS commands via network access with default settings.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-21833	11 Jan 202401:31	–	circl
CNNVD	Multiple TP-LINK Products Operating System Command Injection Vulnerability	9 Jan 202400:00	–	cnnvd
CVE	CVE-2024-21833	10 Jan 202423:25	–	cve
Cvelist	CVE-2024-21833	10 Jan 202423:25	–	cvelist
Japan Vulnerability Notes	Multiple TP-Link products vulnerable to OS command injection	10 Jan 202404:57	–	jvn
NVD	CVE-2024-21833	11 Jan 202400:15	–	nvd
Prion	Design/Logic Flaw	11 Jan 202400:15	–	prion
Positive Technologies	PT-2024-1570	10 Jan 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-21833	23 May 202509:24	–	redhatcve
VulnCheck KEV	VulnCheck KEV: CVE-2024-21833	10 Apr 202600:00	–	vulncheck_kev

[
  {
    "enisaIdVendor": [
      {
        "id": "999c5916-7487-3515-bcfa-8b8fa2bafd42",
        "vendor": {
          "name": "TP-Link"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "21b338e6-401f-3cca-ba8b-0f53ee928467",
        "product": {
          "name": "Archer AXE75"
        }
      },
      {
        "id": "678c5b0b-a56e-38bf-b524-af0584978f0b",
        "product": {
          "name": "Archer AX5400"
        },
        "product_version": "firmware versions prior to \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\""
      },
      {
        "id": "732494f6-e08f-3e62-8ac0-28aa6a20770f",
        "product": {
          "name": "Deco XE200"
        },
        "product_version": "firmware versions prior to \"Deco XE200(JP)_V1_1.2.5 Build 20231120\""
      },
      {
        "id": "7e6cad2d-9ab9-33ad-96fd-ac7db36e2434",
        "product": {
          "name": "Archer AX5400"
        }
      },
      {
        "id": "92bb2fd8-409c-36ca-9042-026ee1c10a10",
        "product": {
          "name": "Archer AXE75"
        },
        "product_version": "firmware versions prior to \"Archer AXE75(JP)_V1_231115\""
      },
      {
        "id": "99194102-612d-34a0-99a5-0090a0e9df10",
        "product": {
          "name": "Archer AX3000"
        },
        "product_version": "firmware versions prior to \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\""
      },
      {
        "id": "a77ae685-761e-398b-9ce0-ecb0dfd5a6f4",
        "product": {
          "name": "Deco X50"
        }
      },
      {
        "id": "c3016f0e-c84c-36bb-b4cb-d2da79ec3237",
        "product": {
          "name": "Deco XE200"
        }
      },
      {
        "id": "e5174bc3-311a-3274-aa6c-10799f0ee057",
        "product": {
          "name": "Deco X50"
        },
        "product_version": "firmware versions prior to \"Deco X50(JP)_V1_1.4.1 Build 20231122\""
      },
      {
        "id": "eda0f0b3-c392-3547-957e-12346f8da8d1",
        "product": {
          "name": "Archer AX3000"
        }
      }
    ]
  }
]

Source	Link
tp-link	www.tp-link.com/jp/support/download/archer-ax3000/
tp-link	www.tp-link.com/jp/support/download/archer-ax5400/
tp-link	www.tp-link.com/jp/support/download/archer-axe75/
tp-link	www.tp-link.com/jp/support/download/deco-x50/v1/
tp-link	www.tp-link.com/jp/support/download/deco-xe200/
jvn	www.jvn.jp/en/vu/JVNVU91401812/

03 Oct 2025 20:07Current

8High risk

Vulners AI Score8

CVSS 3.18.8

EPSS0.0021

SSVC