all InfoSec news
TP-Link Archer AX-21 Command Injection Vulnerability (CVE-2023-1389) Exploited in the Wild
May 30, 2023, 8:08 p.m. |
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
TP-Link Archer AX21 (AX1800) is a line of consumer-oriented Wi-Fi routers.
What is the attack?
A command injection vulnerability exists in TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 that allows an unauthenticated attacker to inject commands and obtain root access via a POST request. The issue has been assigned CVE-2023-1389. The vulnerability has a CVSS base score of 8.8 and is rated HIGH.
Why is this significant?
This is significant because …
access attack build command command injection consumer cve cve-2023-1389 exploited firmware inject injection link root root access routers tp-link tp-link archer vulnerability what is wi-fi
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report
Tinyproxy use-after-free Vulnerability (CVE-2023-49606)
1 week, 2 days ago |
fortiguard.fortinet.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Security Operations Manager-West Coast
@ The Walt Disney Company | USA - CA - 2500 Broadway Street
Vulnerability Analyst - Remote (WFH)
@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US
Senior Mainframe Security Administrator
@ Danske Bank | Copenhagen V, Denmark