CVE-2024-21833
Published: 2024-01-11
Priority: P182 · high · 8.8 (CVSS 3.1)
Vector: AV:A AC:L PR:N UI:N S:U C:H I:H A:H
ITW: VulnCheck KEV (exploited in the wild)
EPSS: 1.07% (60.7th percentile)
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.
Affected (10 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tp-link | archer_ax3000 | — | — |
| tp-link | archer_ax3000_firmware | < 1.1.2 | 1.1.2 |
| tp-link | archer_ax5400 | — | — |
| tp-link | archer_ax5400_firmware | < 1.1.2 | 1.1.2 |
| tp-link | archer_axe75 | — | — |
| tp-link | archer_axe75_firmware | < 1.1.9 | 1.1.9 |
| tp-link | deco_x50 | — | — |
| tp-link | deco_x50_firmware | < 1.4.1 | 1.4.1 |
| tp-link | deco_xe200 | — | — |
| tp-link | deco_xe200_firmware | < 1.2.5 | 1.2.5 |
CVSS provenance

| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| vulncheck | 8.8 | HIGH | — |
| vendor_oracle | 4.3 | MEDIUM | — |
GHSA
GHSA-r4rf-89mf-697j (ghsa_unreviewed, 2024-01-11) · CVE-2024-21833 · HIGH · CWE-78
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115", Archer AX5400 firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115", Archer AXE75 firmware versions prior to "Archer AXE75(JP)_V1_231115", Deco X50 firmware versions prior to "Deco X50(JP)_V1_1.4.1 Build 20231122", and Deco XE200 firmware versions prior to "Deco XE200(JP)_V1_1.2.5 Build 20231120".
VulnCheck
TP-Link archer_ax3000_firmware Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (vulncheck, 2024, CVSS 8.8, HIGH) · CVE-2024-21833
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.
Affected: TP-Link archer_ax3000_firmware
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://ctrlaltintel.com/research/ProxyPCP/
Oracle
Oracle Systems Risk Matrix: Object Store — CVE-2023-21833 (vendor_oracle, 2024-01-15, CVSS 4.3, MEDIUM)
Note: this entry references CVE-2023-21833, a different identifier from the CVE this page describes.
CVE: CVE-2023-21833
CVSS: 4.3
Protocol: HTTP
Remote exploit: No
Affected versions: Network
Advisory: cpujan2024 (JAN 2024)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
- https://jvn.jp/en/vu/JVNVU91401812/
- https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware
- https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware
- https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware
- https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware
- https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware
Published: 2024-01-11 · Exploited in the wild