Incorrect Access Control Exposes Sensitive Information in TP-Link ARCHER-C7 v5
CVE-2024-53623

Currently unrated

Key Information:

Vendor: TP-Link
Vendor: CVE Published:; 29 November 2024

Summary

A vulnerability exists in the l_0_0.xml component of the TP-Link ARCHER-C7 v5 router, which may allow unauthorized access to sensitive information. This flaw in access control mechanisms poses a significant threat to user data security and can be exploited by attackers to gain insights into a network's configuration and personal user data. Proper assessment and mitigation strategies are essential to protect devices from potential exploitation.

References

https://github.com/Crane-c/CVE_Request/blob/main/TP-Link/...

Timeline

Vulnerability published
Nov 29, 2024
Vulnerability Reserved
Nov 20, 2024