Lucene search
K

4 matches found

NVD
NVD
added 2024/05/27 8:15 a.m.13 views

CVE-2024-5035

The affected device expose a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. By successfully exploiting this flaw, remote unauthenticated attacker can gain arbitrary command execution on the device with elevated...

8.8CVSS7.6AI score0.03244EPSS
Exploits0References2
CVE
CVE
added 2024/05/27 7:22 a.m.68 views

CVE-2024-5035

CVE-2024-5035 affects TP-Link Archer C4500X (firmware up to 1_1.1.6). The rftest binary launches a network listener on TCP ports 8888, 8889, and 8890, exposing a route for unauthenticated command injection that leads to arbitrary command execution with elevated privileges. The flaw’s root cause i...

8.8CVSS7.9AI score0.03244EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/27 7:22 a.m.37 views

CVE-2024-5035 TP-Link Archer C5400X - RFTest Unauthenticated Command Injection

The affected device expose a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. By successfully exploiting this flaw, remote unauthenticated attacker can gain arbitrary command execution on the device with elevated...

8.8CVSS7.6AI score0.03244EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/27 12:0 a.m.4 views

TP-LINK Archer C4500X 安全漏洞

The TP-LINK Archer C4500X is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK Archer C4500X that stems from the rftest web service being vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890, which can be exploited by a...

8.8CVSS8.4AI score0.03244EPSS
Exploits0References3
Rows per page
Query Builder