The vulnerability of the microprogrammed software of TP-Link Wi-Fi routers such as Archer AX3000, Archer AXE75, Archer AX5400, Archer Air R5, and Archer AXE5400 exists due to the failure to address the issue of eliminating specific components used in the operating system. This vulnerability allows a perpetrator to execute arbitrary commands.

The vulnerability of TP-Link Wi-Fi routers such as Archer AX3000, Archer AXE75, Archer AX5400, Archer Air R5, and Archer AXE5400 exists due to the lack of measures taken to neutralize specific components used in the operating system. Exploiting this vulnerability allows a remote attacker to execu...

PT-2024-5005 · Tp Link · Tp-Link Archer Ax3000 +3

Name of the Vulnerable Software and Affected Versions: TP-LINK products affected versions not specified TP-Link Archer AX3000 TP-Link Archer AXE75 TP-Link Archer AX5400 TP-Link Archer Air R5 TP-Link Archer AXE5400 Description: The issue allows a network-adjacent attacker with administrative...

The vulnerability of the microprogrammed software of TP-Link Wi-Fi routers such as Archer AX3000, Archer AX5400, DECO XE200, DECO X50, Archer AXE75 allows a intruder to execute arbitrary commands.

The vulnerability of TP-Link Archer AX3000, Archer AX5400, DECO XE200, DECO X50, and Archer AXE75 Wi-Fi routers exists due to the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary command...

The vulnerability of the microprogrammed software of TP-Link Archer AX3000, Archer AX5400, and Archer AXE75 routers allows a hacker to execute arbitrary commands.

The vulnerability of TP-Link Archer AX3000, Archer AX5400, and Archer AXE75 Wi-Fi routers exists due to the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2024-21773

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has pre-specified target devices and blocked URLs in parental control settings...

CVE-2024-21833

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi...

CVE-2024-21821

Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands...

Design/Logic Flaw

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to "Archer AX3000JPV11.1.2 Build 20231115", Archer AX5400 firmware versions pri...

Design/Logic Flaw

Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to "Archer AX3000JPV11.1.2 Build 20231115", Archer AX5400 firmware versions prior to "Archer AX5400JPV11.1.2...

CVE-2024-21833

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi...

CVE-2024-21821

CVE-2024-21821 affects TP-LINK routers (e.g., Archer AX3000, AX5400, AXE75). A network-adjacent authenticated attacker with LAN/Wi‑Fi access can execute arbitrary OS commands due to inadequate input handling in the device OS. CVSS 3.1 base score 8.0 (ADJACENT, LOW{PR:L}, UI: NONE; impact C/I/A: H...

CVE-2024-21821

Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands...

CVE-2024-21773

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has pre-specified target devices and blocked URLs in parental control settings...

Multiple TP-LINK Products Operating System Command Injection Vulnerability

The TP-LINK Archer AX3000 is a wireless router from China P&L TP-LINK. An operating system command injection vulnerability exists in multiple TP-LINK products, which originates from a vulnerability that allows an authenticated attacker on a neighboring network to access the product and execute...

Multiple TP-LINK Products Operating System Command Injection Vulnerability

The TP-LINK Archer AX3000 is a wireless router from China P&L TP-LINK. An operating system command injection vulnerability exists in multiple TP-LINK products, which originates from a vulnerability that allows an authenticated attacker on a neighboring network to access the product and execute...

Multiple TP-LINK Products Operating System Command Injection Vulnerability

The TP-LINK Archer AX3000 is a wireless router from China P&L TP-LINK. An operating system command injection vulnerability exists in multiple TP-LINK products that originates from allowing an authenticated attacker on a neighboring network to execute arbitrary operating system commands and affect...

Heights Telecom ERO1xS-Pro 命令注入漏洞

Heights Telecom ERO1xS-Pro is a Dual-Band WiFi6 AX5400 MESH Extender from Heights Telecom. A security vulnerability exists in Heights Telecom ERO1xS-Pro Dual-Band FW BZERO1XP.025 version, which stems from the presence of a command injection vulnerability...

CVE-2021-41435

CVE-2021-41435 affects a broad set of ASUS router models and TUF/ZenWiFi devices. The flaw is a brute-force protection bypass in the CAPTCHA protection that allows a remote attacker to perform an arbitrary number of login attempts by sending a specific HTTP request. Affected versions are before 3...