CVE ID
CVE-2023-1389
Vulnerability Name
TP-Link Archer AX-21 Command Injection Vulnerability
- Project: TP-Link
- Product: Archer AX21
Date
- Date Added: 2023-05-01
- Due Date: 2023-05-22
Description
TP-Link Archer AX-21 contains a command injection vulnerability that allows for remote code execution.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://www.tp-link.com/us/support/download/archer-ax21/v3/#Firmware; https://nvd.nist.gov/vuln/detail/CVE-2023-1389
Related Security News
- RondoDox botnet targets 56 n-day flaws in worldwide attacks
- Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks
- Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials
- Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
- New botnet exploits vulnerabilities in NVRs, TP-Link routers
- US Ban on TP-Link Routers More About Politics Than Exploitation Risk
- AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services
Top comments (0)