TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability
CVE-2023-27359

9.8CRITICAL

Key Information:

Vendor: Tp-link
Status: Ax1800
Vendor: CVE Published:; 3 May 2024

Summary

A race condition vulnerability within the hotplugd daemon affects TP-Link Archer AX21 routers, allowing remote attackers to gain unauthorized access to LAN-side services. The flaw relates to improper handling of firewall rules, which can lead to exposure of resources intended only for local network users. Attackers can exploit this vulnerability without needing any authentication, potentially using it in combination with other security flaws to execute arbitrary code with root privileges.

Affected Version(s)

AX1800 AX21(US)_V3_1.1.1 Build 20220603

References

https://www.zerodayinitiative.com/advisories/ZDI-23-452/

x_research-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 3, 2024
Vulnerability Reserved
Feb 28, 2023