Lucene search
K

13 matches found

Nuclei
Nuclei
added 2026/07/02 9:36 a.m.81 views

TP-Link Archer AX21 (AX1800) - Unauthenticated Command Injection

TP-Link Archer AX21 AX1800 routers are vulnerable to unauthenticated OS command injection via the country parameter in the locale endpoint. This allows remote attackers to execute arbitrary commands as root. id: CVE-2023-1389 info: name: TP-Link Archer AX21 AX1800 - Unauthenticated Command...

8.8CVSS7.8AI score0.99999EPSS
Exploits7References3
OpenVAS
OpenVAS
added 2025/03/28 12:0 a.m.18 views

TP-Link AX21 Router Devices Multiple Vulnerabilities (Apr 2023)

TP-Link AX21 router devices are prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS7.5AI score0.99999EPSS
Exploits7References8
The Hacker News
The Hacker News
added 2024/11/08 2:2 p.m.100 views

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent...

10CVSS10AI score0.99999EPSS
Exploits367
Packet Storm
Packet Storm
added 2023/08/11 12:0 a.m.530 views

TP-Link Archer AX21 Command Injection

!/usr/bin/python3 Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection Date: 07/25/2023 Exploit Author: Voyag3r https://github.com/Voyag3r-Security Vendor Homepage: https://www.tp-link.com/us/ Version: TP-Link Archer AX21 AX1800 firmware versions before 1.1.4 Build 20230219...

8.8CVSS7.1AI score0.99999EPSS
Exploits7
0day.today
0day.today
added 2023/08/10 12:0 a.m.344 views

TP-Link Archer AX21 - Unauthenticated Command Injection Exploit

!/usr/bin/python3 Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection Date: 07/25/2023 Exploit Author: Voyag3r https://github.com/Voyag3r-Security Vendor Homepage: https://www.tp-link.com/us/ Version: TP-Link Archer AX21 AX1800 firmware versions before 1.1.4 Build 20230219...

8.8CVSS7.1AI score0.99999EPSS
Exploits7
Exploit DB
Exploit DB
added 2023/08/10 12:0 a.m.594 views

TP-Link Archer AX21 - Unauthenticated Command Injection

!/usr/bin/python3 Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection Date: 07/25/2023 Exploit Author: Voyag3r https://github.com/Voyag3r-Security Vendor Homepage: https://www.tp-link.com/us/ Version: TP-Link Archer AX21 AX1800 firmware versions before 1.1.4 Build 20230219...

8.8CVSS9AI score0.99999EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2023/06/26 12:0 a.m.88 views

TP-Link Archer AX21 Command Injection (CVE-2023-1389)

Binary data tplinkarcherax21cve-2023-1389.nbin...

8.8CVSS8.9AI score0.99999EPSS
Exploits7References3
The Hacker News
The Hacker News
added 2023/06/21 5:36 a.m.6 views

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks

A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 AX1800 Wi-Fi routers to rope the devices into a distributed denial-of-service DDoS botnet. Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work ...

8.8CVSS8AI score0.99999EPSS
Exploits7
The Hacker News
The Hacker News
added 2023/06/21 5:36 a.m.66 views

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks

A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 AX1800 Wi-Fi routers to rope the devices into a distributed denial-of-service DDoS botnet. Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work ...

8.8CVSS10AI score0.99999EPSS
Exploits7
The Hacker News
The Hacker News
added 2023/05/02 5:35 a.m.167 views

Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added three flaws to the Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The security vulnerabilities are as follows - CVE-2023-1389 CVSS score: 8.8 - TP-Link Archer AX-21 Command Injection...

10CVSS10.1AI score0.99999EPSS
Exploits370
Circl
Circl
added 2023/04/25 11:56 a.m.20 views

CVE-2023-1389

creationtimestamp| type| source ---|---|--- 2023-04-25 11:56:19+00:00| exploited| https://t.me/BleepingComputer/16369 2023-04-25 15:35:59+00:00| exploited| https://t.me/BleepingComputer/16373 2023-04-26 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1018 2023-04-26...

8.8CVSS7.5AI score0.99999EPSS
In wildExploits7References56
NVD
NVD
added 2023/03/15 11:15 p.m.35 views

CVE-2023-1389

TP-Link Archer AX21 AX1800 firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before...

8.8CVSS9.1AI score0.99999EPSS
Exploits7References3
CVE
CVE
added 2023/03/15 12:0 a.m.925 views

CVE-2023-1389

TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contain a command injection vulnerability in the web management interface: the country parameter of the write callback for /cgi-bin/luci;stok=/locale is unsanitized and used in popen(), allowing an unauthenticated attacker...

8.8CVSS8.8AI score0.99999EPSS
In wildExploits7References3Affected Software1
Rows per page
Query Builder