mickmick.net

TP-Link Router Remote Code Execution Vulnerability

Last Update Date: 26 Apr 2023 10:43 Release Date: 26 Apr 2023

RISK: Extremely High Risk

TYPE: Operating Systems - Networks OS

A vulnerability was identified in TP-Link router. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.

 

Note:

CVE-2023-1389 is being exploited in the wild.

---

Impact

• Remote Code Execution

---

System / Technologies affected

• TP-Link Archer AX21 prior to 1.1.4 20230219

 

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

• https://www.tp-link.com/us/support/download/archer-ax21/v3/#Firmware

---

Vulnerability Identifier

• CVE-2023-1389

---

Source

• https://www.tp-link.com/us/support/download/archer-ax21/v3/#Firmware

---

Related Link

• https://www.tp-link.com/us/support/download/archer-ax21/v3/#Firmware
• https://www.zerodayinitiative.com/blog/2023/4/21/tp-link-wan-side-vulnerability-cve-2023-1389-added-to-the-mirai-botnet-arsenal