TP-LINK Products Vulnerable to Arbitrary OS Command Execution via Backup File Restoration
CVE-2024-38471

6.8 MEDIUM

Key Information:

Vendor:
TP-Link
CVE Published:
4 July 2024

Summary

Multiple TP-LINK networking devices contain an OS command injection flaw in their backup restoration function. An attacker who is on the adjacent network and already holds administrative access to the device can upload and restore a specially crafted backup file, and the device then executes arbitrary operating system commands embedded in it. The flaw is therefore a privilege-boundary bypass: a device administrator, who is normally confined to the management interface, gains command execution on the underlying operating system. Because the affected devices accept logins only from their LAN ports or Wi-Fi, the attack cannot be launched from the Internet side, which is why the CVSS attack vector is Adjacent Network and the privileges required are High. Users of the affected TP-LINK products should update to the fixed firmware builds listed below. Until then, keep the administrator password changed from the default, restrict who can join the LAN and Wi-Fi, and treat the backup-restore function as an administrator-only operation that should not be exposed to untrusted clients.

Affected Version(s)

Archer Air R5 firmware versions prior to "Archer Air R5(JP)_V1_1.1.6 Build 20240508"

Archer AX3000 firmware versions prior to "Archer AX3000(JP)_V1_1.1.3 Build 20240415"

Archer AX5400 firmware versions prior to "Archer AX5400(JP)_V1_1.1.4 Build 20240429"
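As an added example (not TP-Link's tooling and not part of the original advisory), the script below parses TP-Link firmware version strings of the form used in the list above and reports whether a given device build is older than the fixed build for its model. The version-string layout (model, region, hardware revision, firmware number, build date) is inferred from the three strings on this page, and the comparison rule (firmware number first, build date as a tiebreaker) is an assumption. A model, region, or hardware revision the advisory does not list returns None instead of a guess.

```python
import re
from dataclasses import dataclass

# Fixed builds taken from the advisory. Builds earlier than these are affected.
FIXED_BUILDS = {
    "Archer Air R5": "Archer Air R5(JP)_V1_1.1.6 Build 20240508",
    "Archer AX3000": "Archer AX3000(JP)_V1_1.1.3 Build 20240415",
    "Archer AX5400": "Archer AX5400(JP)_V1_1.1.4 Build 20240429",
}

# Assumed layout: "<model>(<region>)_V<hw>_<fw> Build <yyyymmdd>", inferred from
# the advisory's three strings; other TP-Link version formats are rejected.
_PATTERN = re.compile(
    r"^(?P<model>.+?)\((?P<region>[A-Z]+)\)_V(?P<hw>\d+)_"
    r"(?P<fw>\d+(?:\.\d+)*) Build (?P<build>\d{8})$"
)


@dataclass(frozen=True)
class FirmwareVersion:
    model: str
    region: str
    hw_version: int
    fw_version: tuple  # e.g. (1, 1, 3)
    build: int         # e.g. 20240415


def parse_version(text):
    """Parse a TP-Link version string into its comparable parts."""
    match = _PATTERN.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised TP-Link version string: {text!r}")
    return FirmwareVersion(
        model=match.group("model").strip(),
        region=match.group("region"),
        hw_version=int(match.group("hw")),
        fw_version=tuple(int(part) for part in match.group("fw").split(".")),
        build=int(match.group("build")),
    )


def is_affected(version_string):
    """True if the build predates the fix, False if it is fixed or newer,
    None if the advisory says nothing about this model/region/hardware."""
    device = parse_version(version_string)
    fixed_string = FIXED_BUILDS.get(device.model)
    if fixed_string is None:
        return None
    fixed = parse_version(fixed_string)
    # The advisory only covers the (JP) V1 variants; do not extrapolate to
    # other regional or hardware revisions.
    if device.region != fixed.region or device.hw_version != fixed.hw_version:
        return None
    # Assumption: compare the firmware number first, then the build date, so a
    # same-numbered build dated before the fix is still reported as affected.
    return (device.fw_version, device.build) < (fixed.fw_version, fixed.build)


if __name__ == "__main__":
    # Constructed sample inputs, not real device inventory.
    for sample in (
        "Archer AX3000(JP)_V1_1.1.2 Build 20240101",
        "Archer AX3000(JP)_V1_1.1.3 Build 20240415",
        "Archer AX5400(US)_V1_1.1.3 Build 20240301",
    ):
        print(sample, "->", is_affected(sample))
```

The None result is deliberate: TP-Link ships different firmware lines per region and hardware revision, and the advisory lists only the JP V1 builds, so a script that silently marked a US or V2 unit as "fixed" would give false assurance.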

CVSS v3.1

Score:
6.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
