CVE-2023-1389
Published: Mar 15, 2023
Modified: Oct 21, 2025
Description
TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request.
| Vendor | Product | Versions |
|---|---|---|
| n/a | TP-Link Archer AX21 (AX1800) | affected All versions prior to version 1.14 Build 20230219 |
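
The flaw described above, an unsanitized request value reaching popen(), is shown next to a hardened form in this added example, which is not TP-Link's code. The `set-country` command, its path, and the allow-list contents are hypothetical, and the sample inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed allow-list; a real device would list the regions it supports. */
static const char *const ALLOWED_COUNTRIES[] = { "US", "CA", "DE", "GB", "JP" };

/* Vulnerable pattern: the request value is interpolated into a string that
 * popen() would hand to /bin/sh, so shell metacharacters are interpreted.
 * "set-country" is a hypothetical command name. The string is only built
 * here, never executed. */
int unsafe_command(const char *country, char *out, size_t n)
{
    return snprintf(out, n, "set-country %s", country);
}

/* Hardened step 1: exact match against the allow-list, nothing else passes. */
int country_is_allowed(const char *s)
{
    size_t i;
    if (s == NULL)
        return 0;
    for (i = 0; i < sizeof ALLOWED_COUNTRIES / sizeof ALLOWED_COUNTRIES[0]; i++)
        if (strcmp(s, ALLOWED_COUNTRIES[i]) == 0)
            return 1;
    return 0;
}

/* Hardened step 2: build an argv vector for an exec-style call with no shell.
 * Returns 0 on success, -1 if the value is rejected. The helper path is
 * hypothetical. */
int build_country_argv(const char *country, const char *argv[3])
{
    if (!country_is_allowed(country))
        return -1;
    argv[0] = "/usr/sbin/set-country";
    argv[1] = country;   /* passed as one argument, never parsed by a shell */
    argv[2] = NULL;
    return 0;
}

int main(void)
{
    const char *samples[] = { "US", "us", "$(id)" };   /* constructed inputs */
    const char *args[3];
    char cmd[64];
    size_t i;
    for (i = 0; i < 3; i++) {
        unsafe_command(samples[i], cmd, sizeof cmd);
        printf("shell string: %-20s hardened: %s\n", cmd,
               build_country_argv(samples[i], args) == 0 ? "accepted" : "rejected");
    }
    return 0;
}
```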