Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to ‘Archer AX50(JP)_V1_230529’, Archer A10 firmware versions prior to ‘Archer A10(JP)_V2_230504’, Archer AX10 firmware versions prior to ‘Archer AX10(JP)_V1.2_230508’, and Archer AX11000 firmware versions prior to ‘Archer AX11000(JP)_V1_230523’.
CPE | Name | Operator | Version |
---|---|---|---|
archer_a10_firmware | le | 230504 | |
archer_ax10_firmware | lt | 230508 | |
archer_ax11000_firmware | lt | 230523 | |
archer_ax50_firmware | lt | 230529 |