Lucene search
K

4 matches found

The Hacker News
The Hacker News
added 2024/05/28 5:11 a.m.18 views

TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks

A maximum-severity security flaw has been disclosed in the TP-Link Archer C5400X gaming router that could lead to remote code execution on susceptible devices by sending specially crafted requests. The vulnerability, tracked as CVE-2024-5035, carries a CVSS score of 10.0. It impacts all versions ...

9.8CVSS8.5AI score0.12164EPSS
Exploits0
CVE
CVE
added 2024/05/27 7:22 a.m.67 views

CVE-2024-5035

CVE-2024-5035 affects TP-Link Archer C4500X (firmware up to 1_1.1.6). The rftest binary launches a network listener on TCP ports 8888, 8889, and 8890, exposing a route for unauthenticated command injection that leads to arbitrary command execution with elevated privileges. The flaw’s root cause i...

8.8CVSS7.9AI score0.03244EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/27 7:22 a.m.35 views

CVE-2024-5035 TP-Link Archer C5400X - RFTest Unauthenticated Command Injection

The affected device expose a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. By successfully exploiting this flaw, remote unauthenticated attacker can gain arbitrary command execution on the device with elevated...

8.8CVSS7.6AI score0.03244EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/27 7:22 a.m.24 views

CVE-2024-5035 TP-Link Archer C5400X - RFTest Unauthenticated Command Injection

The affected device expose a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. By successfully exploiting this flaw, remote unauthenticated attacker can gain arbitrary command execution on the device with elevated...

8.8CVSS7.9AI score0.03244EPSS
Exploits0References2
Rows per page
Query Builder