Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentJpcertVULNRICHMENT:CVE-2023-40357
HistorySep 06, 2023 - 9:21 a.m.

CVE-2023-40357

2023-09-0609:21:35
jpcert
github.com
tp-link
command execution
archer ax50
archer a10
archer ax10
archer ax11000
vulnerability

AI Score

8

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

JSON

Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to ‘Archer AX50(JP)_V1_230529’, Archer A10 firmware versions prior to ‘Archer A10(JP)_V2_230504’, Archer AX10 firmware versions prior to ‘Archer AX10(JP)_V1.2_230508’, and Archer AX11000 firmware versions prior to ‘Archer AX11000(JP)_V1_230523’.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:o:tp-link:archer_ax50_firmware:-:*:*:*:*:*:*:*"
    ],
    "vendor": "tp-link",
    "product": "archer_ax50_firmware",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "230529",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:o:tp-link:archer_a10_firmware:-:*:*:*:*:*:*:*"
    ],
    "vendor": "tp-link",
    "product": "archer_a10_firmware",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "230504"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:o:tp-link:archer_ax10_firmware:-:*:*:*:*:*:*:*"
    ],
    "vendor": "tp-link",
    "product": "archer_ax10_firmware",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "230508",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "cpes": [
      "cpe:2.3:o:tp-link:archer_ax11000_firmware:-:*:*:*:*:*:*:*"
    ],
    "vendor": "tp-link",
    "product": "archer_ax11000_firmware",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "230523",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Related

prion 1
cvelist 1
cnvd 1
nvd 1
cve 1
prion
prion
Design/Logic Flaw
2023-09-06 10:15:00
cvelist
cvelist
CVE-2023-40357
2023-09-06 09:21:35
cnvd
cnvd
TP-LINK Archer AX50/A10 Command Execution Vulnerability
2023-09-10 00:00:00
nvd
nvd
CVE-2023-40357
2023-09-06 10:15:14
cve
cve
CVE-2023-40357
2023-09-06 10:15:14

AI Score

8

Confidence

High

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

JSON
Related for VULNRICHMENT:CVE-2023-40357
prion1cvelist1cnvd1nvd1cve1