cbcvebase.
CVE-2024-21821
published 2024-01-11

CVE-2024-21821: Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS…

PriorityP346high8CVSS 3.1
AVAACLPRLUINSUCHIHAH
EPSS
0.45%
35.6th percentile
Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands.

Affected

7 ranges
VendorProductVersion rangeFixed in
tp-linkarcher_air_r5
tp-linkarcher_ax3000
tp-linkarcher_ax3000_firmware< 1.1.21.1.2
tp-linkarcher_ax5400
tp-linkarcher_ax5400_firmware< 1.1.21.1.2
tp-linkarcher_axe75
tp-linkarcher_axe75_firmware< 1.1.91.1.9
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.