Tp-Link Archer Ax50 Firmware vulnerabilities
3 known vulnerabilities affecting tp-link/archer_ax50_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-30075P1HIGHCVSS 8.8ExploitedPoC≤ 2107302022-06-09
CVE-2022-30075 [HIGH] CVE-2022-30075: In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interfac
In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote code execution due to improper validation.
nvd
CVE-2023-40357P3HIGHCVSS 8.0fixed in 2305292023-09-06
CVE-2023-40357 [HIGH] CWE-78 CVE-2023-40357: Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS co
Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to 'Archer AX50(JP)_V1_230529', Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504', Archer AX10 firmware versions prior to 'Archer AX10(JP)_V1.2_230508',
nvd
CVE-2024-2188P4MEDIUMCVSS 6.1v1.0.112024-03-05
CVE-2024-2188 [MEDIUM] CWE-79 CVE-2024-2188: Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.
Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could result in an execution of the JavaScript payload when t
nvd