cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-27359,https://securityvulnerability.io/vulnerability/CVE-2023-27359,TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability,"A race condition vulnerability within the hotplugd daemon affects TP-Link Archer AX21 routers, allowing remote attackers to gain unauthorized access to LAN-side services. The flaw relates to improper handling of firewall rules, which can lead to exposure of resources intended only for local network users. Attackers can exploit this vulnerability without needing any authentication, potentially using it in combination with other security flaws to execute arbitrary code with root privileges.",Tp-link,Ax1800,9.8,CRITICAL,0.0006500000017695129,false,false,false,false,,false,false,2024-05-03T01:56:11.459Z,0
CVE-2023-27346,https://securityvulnerability.io/vulnerability/CVE-2023-27346,TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability,"A vulnerability in the TP-Link AX1800 router firmware allows network-adjacent attackers to exploit a stack-based buffer overflow condition. This exploitation is made possible due to inadequate validation of user-supplied data length during firmware image parsing, which can lead to arbitrary code execution with root privileges. No authentication is necessary to carry out this attack, underscoring the critical need for users to ensure their devices are updated with the latest firmware to mitigate potential risks. For detailed technical insights, refer to ZDI-23-377.",Tp-link,Ax1800,8.8,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2024-05-03T01:56:05.862Z,0
CVE-2023-6437,https://securityvulnerability.io/vulnerability/CVE-2023-6437,TP-Link Vulnerable to OS Command Injection Through 2024.03.28,"The OS Command Injection vulnerability in various TP-Link networking devices allows attackers to execute arbitrary commands on the affected systems. This issue affects models such as the TP-Link EX20v AX1800, Archer C5v AC1200, TD-W9970, and more, enabling authenticated users to gain unauthorized control over the system. The vulnerability is particularly concerning for devices like the TP-Link VX220-G2u and VN020-G2u, which are no longer produced or supported, leaving them susceptible to exploitation. Organizations using these devices should take immediate action to mitigate risks associated with this vulnerability.",Tp-link,"Tp-link Ex20v Ax1800, Tp-link Archer C5v Ac1200, Tp-link Td-w9970, Tp-link Td-w9970v3, Tp-link Vx220-g2u, Tp-link Vn020-g2u",9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-03-28T13:13:09.097Z,0
CVE-2023-1389,https://securityvulnerability.io/vulnerability/CVE-2023-1389,Command Injection Vulnerability in TP-Link Archer AX21 (AX1800) Firmware,"The vulnerability CVE-2023-1389 is a high-severity unauthenticated command injection issue in the TP-Link Archer AX21 (AX1800) routers, which allows attackers to inject commands and ultimately gain root access to the affected devices. This vulnerability has been actively exploited by at least six distinct botnet malware operations, including AGoent, Gafgyt Variant, Moobot, Mirai Variant, Miori, and Condi. These botnets utilize different methods to exploit the vulnerability, establish control over compromised devices, and engage in malicious activities such as DDoS attacks. Despite TP-Link addressing the problem with firmware updates, a significant number of users continue to use outdated firmware, highlighting the importance of timely patching and robust security measures. Users are strongly advised to update their devices as soon as possible to mitigate the risk of compromise.",Tp-link,TP-Link Archer AX21 (AX1800),8.8,HIGH,0.10400000214576721,true,true,true,true,true,false,false,2023-03-15T00:00:00.000Z,1079