CVE-2023-40357

Published: Sep 6, 2023

Modified: Sep 27, 2024

PUBLISHED

Description

Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to 'Archer AX50(JP)_V1_230529', Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504', Archer AX10 firmware versions prior to 'Archer AX10(JP)_V1.2_230508', and Archer AX11000 firmware versions prior to 'Archer AX11000(JP)_V1_230523'.

Vendor	Product	Versions
TP-LINK	Archer AX50	affected `firmware versions prior to 'Archer AX50(JP)_V1_230529'`
TP-LINK	Archer A10	affected `firmware versions prior to 'Archer A10(JP)_V2_230504'`
TP-LINK	Archer AX10	affected `firmware versions prior to 'Archer AX10(JP)_V1.2_230508'`
TP-LINK	Archer AX11000	affected `firmware versions prior to 'Archer AX11000(JP)_V1_230523'`

References

https://www.tp-link.com/jp/support/download/archer-ax50/#Firmware

https://www.tp-link.com/jp/support/download/archer-a10/#Firmware

https://www.tp-link.com/jp/support/download/archer-ax10/#Firmware

https://www.tp-link.com/jp/support/download/archer-ax11000/#Firmware

https://jvn.jp/en/vu/JVNVU99392903/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-40357

Description

Affected Products

References