High Threat Security Alert (A23-04-19): Vulnerability in TP-Link Archer AX21


 

Published on: 26 April 2023

  
  

Description:

TP-Link released a security update to address a vulnerability in TP-Link Archer AX21. A remote attacker could send a specially crafted request to the router to exploit the vulnerability.

Reports indicate that the remote code execution vulnerability (CVE-2023-1389) is being exploited in the wild. System administrators are advised to take immediate action to patch your affected systems to mitigate the elevated risk of cyber attacks.

 

Affected Systems:

  • TP-Link Archer AX21 prior to version 1.1.4 Build 20230219

 

Impact:

Successful exploitation of the vulnerability could lead to remote code execution on an affected system.

 

Recommendation:

Users of affected TP-Link Archer AX21 should update the firmware to version 1.1.4 Build 20230219 or later to address the issue.

 

More Information:

  • https://www.tp-link.com/us/support/download/archer-ax21/v3/#Firmware
  • https://www.zerodayinitiative.com/blog/2023/4/21/tp-link-wan-side-vulnerability-cve-2023-1389-added-to-the-mirai-botnet-arsenal
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1389


Tag: TP-Link , TP-Link Wi-Fi router
Tags