cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-21833,https://securityvulnerability.io/vulnerability/CVE-2024-21833,Command Injection Vulnerability in TP-LINK Networking Devices,"A critical vulnerability, identified as CVE-2024-21833, has been discovered in multiple TP-LINK products, allowing attackers to execute arbitrary OS commands without authentication. This flaw affects various router models, potentially enabling malicious actors to disrupt services, steal sensitive information, or enlist devices into botnets. There is evidence of active exploitation of this vulnerability, with discussions of potential sharing of exploit tools in underground forums. It is crucial for users to update their firmware to address the security concerns and consider implementing network segmentation and firewall rules to restrict access to vulnerable devices.",TP-Link,"Archer AX3000,Archer AX5400,Archer AXE75,Deco X50,Deco XE200",8.8,HIGH,0.0013500000350177288,false,true,true,true,,true,false,2024-01-11T00:15:00.000Z,3915 CVE-2024-21773,https://securityvulnerability.io/vulnerability/CVE-2024-21773,Remote Command Execution Vulnerability in TP-LINK Products,"Multiple TP-LINK products exhibit a vulnerability that enables unauthenticated network-adjacent attackers to execute arbitrary OS commands. This vulnerability can be exploited when attackers gain access to the product through its LAN port or Wi-Fi interface, potentially compromising targeted devices and bypassing parental control restrictions. The affected models include the Archer AX3000, Archer AX5400, Deco X50 (version 1), and Deco XE200. It is crucial for users to enhance their network security measures and keep firmware updated to mitigate these risks.",TP-Link,"Archer AX3000,Archer AX5400,Deco X50,Deco XE200",8.8,HIGH,0.0013500000350177288,false,false,false,false,,false,false,2024-01-11T00:15:00.000Z,0