In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote code execution due to improper validation.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/167522/TP-Link-AX50-Remote-Code-Execution.html | Exploit Third Party Advisory VDB Entry |
http://tp-link.com | Product Vendor Advisory |
https://github.com/aaronsvk | Third Party Advisory |
https://github.com/aaronsvk/CVE-2022-30075 | Exploit Third Party Advisory |
https://www.exploit-db.com/exploits/50962 | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
History
30 Sep 2022, 17:50
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.exploit-db.com/exploits/50962 - Exploit, Third Party Advisory, VDB Entry | |
References | (MISC) http://packetstormsecurity.com/files/167522/TP-Link-AX50-Remote-Code-Execution.html - Exploit, Third Party Advisory, VDB Entry |
20 Jun 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
17 Jun 2022, 16:09
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://github.com/aaronsvk/CVE-2022-30075 - Exploit, Third Party Advisory | |
References | (MISC) https://github.com/aaronsvk - Third Party Advisory | |
References | (MISC) http://tp-link.com - Product, Vendor Advisory | |
References | (MISC) https://www.exploit-db.com/exploits/50962 - Exploit, Third Party Advisory | |
CPE | cpe:2.3:h:tp-link:archer_ax50:-:*:*:*:*:*:*:* cpe:2.3:o:tp-link:archer_ax50_firmware:*:*:*:*:*:*:*:* |
|
First Time |
Tp-link archer Ax50
Tp-link Tp-link archer Ax50 Firmware |
|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 8.8 |
16 Jun 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Jun 2022, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-09 04:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-30075
Mitre link : CVE-2022-30075
CVE.ORG link : CVE-2022-30075
JSON object : View
Products Affected
tp-link
- archer_ax50
- archer_ax50_firmware
CWE