CVE-2023-40357
06.09.2023, 10:15
Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to 'Archer AX50(JP)_V1_230529', Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504', Archer AX10 firmware versions prior to 'Archer AX10(JP)_V1.2_230508', and Archer AX11000 firmware versions prior to 'Archer AX11000(JP)_V1_230523'.
| Vendor | Product | Version |
|---|---|---|
| tp-link | archer_ax50_firmware | 𝑥 < 230529 |
| tp-link | archer_a10_firmware | 𝑥 ≤ 230504 |
| tp-link | archer_ax10_firmware | 𝑥 < 230508 |
| tp-link | archer_ax11000_firmware | 𝑥 < 230523 |
𝑥
= Vulnerable software versions
References