CVE-2024-21821
8HIGH
Key Information
- Vendor
- TP-Link
- Status
- Archer AX3000
- Archer AX5400
- Archer AXE75
- Vendor
- CVE Published:
- 11 January 2024
Summary
Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands.
Affected Version(s)
Archer AX3000 = firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115"
Archer AX5400 = firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115"
Archer AXE75 = firmware versions prior to "Archer AXE75(JP)_V1_231115"
CVSS V3.1
Score:
8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database