Back to KEVs

CVE-2023-1389

TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the...

Basic Information

CVE State
PUBLISHED
Reserved Date
March 14, 2023
Published Date
March 15, 2023
Last Updated
January 28, 2025
Vendor
n/a
Product
TP-Link Archer AX21 (AX1800)
Description
TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request.

CVSS Scores

CVSS v3.1

8.8 - HIGH

Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation
active
Automatable
Yes
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2023-05-01 00:00:00 UTC) Source
Proof of Concept Available
Yes (added 2023-09-09 15:53:22 UTC) Source

References

https://www.tenable.com/security/research/tra-2023-11 http://packetstormsecurity.com/files/174131/TP-Link-Archer-AX21-Command-Injection.html

Known Exploited Vulnerability Information

Source Added Date
CISA 2023-05-01 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

Terminal1337/CVE-2023-1389

Type: github • Created: 2023-09-09 15:53:22 UTC • Stars: 12

TP-Link Archer AX21 - Unauthenticated Command Injection [Loader]

Voyag3r-Security/CVE-2023-1389

Type: github • Created: 2023-07-28 03:09:00 UTC • Stars: 11