cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-27333,https://securityvulnerability.io/vulnerability/CVE-2023-27333,TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability,"A stack-based buffer overflow vulnerability has been identified in the handling of command 0x422 by the tmpServer service in TP-Link Archer AX21 routers. This flaw allows network-adjacent attackers, who possess valid authentication credentials, to exploit the vulnerability and execute arbitrary code in the context of the root user. The failure to properly validate the length of user-supplied input leads to the overflow condition, enabling an attacker to gain control over the affected system. Organizations using TP-Link Archer AX21 devices are urged to implement appropriate security measures to mitigate potential exploits.",Tp-link,Archer Ax21,6.8,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2024-05-03T01:55:56.192Z,0
CVE-2023-27332,https://securityvulnerability.io/vulnerability/CVE-2023-27332,TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability,"A vulnerability affecting the TP-Link Archer AX21 router exists within the tdpServer logging functionality, which is prone to a stack-based buffer overflow due to inadequate length validation of user-supplied data. This flaw allows network-adjacent attackers to gain unauthorized remote access and execute arbitrary code within the root context. The tdpServer process listens on UDP port 20002, exposing this critical weakness to exploitation without any authentication requirements, making devices particularly vulnerable.",Tp-link,Archer Ax21,8.8,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2024-05-03T01:55:55.415Z,0
CVE-2023-31710,https://securityvulnerability.io/vulnerability/CVE-2023-31710,Buffer Overflow Vulnerability in TP-Link Archer AX21 Router,"The TP-Link Archer AX21 router versions V3_1.1.4 Build 20230219 and V3.6_1.1.4 Build 20230219 are susceptible to a buffer overflow vulnerability. This issue can be exploited by attackers to execute arbitrary code, potentially leading to unauthorized access and control over the affected device. Users are urged to apply the necessary patches and updates to mitigate this risk and secure their network environment.",Tp-link,Archer Ax21 Firmware,9.8,CRITICAL,0.0011899999808520079,false,false,false,false,,false,false,2023-08-01T00:00:00.000Z,0
CVE-2023-1389,https://securityvulnerability.io/vulnerability/CVE-2023-1389,Command Injection Vulnerability in TP-Link Archer AX21 (AX1800) Firmware,"The vulnerability CVE-2023-1389 is a high-severity unauthenticated command injection issue in the TP-Link Archer AX21 (AX1800) routers, which allows attackers to inject commands and ultimately gain root access to the affected devices. This vulnerability has been actively exploited by at least six distinct botnet malware operations, including AGoent, Gafgyt Variant, Moobot, Mirai Variant, Miori, and Condi. These botnets utilize different methods to exploit the vulnerability, establish control over compromised devices, and engage in malicious activities such as DDoS attacks. Despite TP-Link addressing the problem with firmware updates, a significant number of users continue to use outdated firmware, highlighting the importance of timely patching and robust security measures. Users are strongly advised to update their devices as soon as possible to mitigate the risk of compromise.",Tp-link,TP-Link Archer AX21 (AX1800),8.8,HIGH,0.10400000214576721,true,true,true,true,true,false,false,2023-03-15T00:00:00.000Z,1079