TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 57450(5553) was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file.
References
Link | Resource |
---|---|
https://github.com/gscamelo/TP-Link-Archer-AX10-V1/blob/main/README.md | Exploit Third Party Advisory |
https://www.tp-link.com/br/home-networking/wifi-router/archer-ax10/ | Product |
https://www.tp-link.com/br/support/download/archer-ax10/v1/ | Product |
Configurations
Configuration 1 (hide)
AND |
|
History
30 Sep 2022, 15:40
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
First Time |
Tp-link archer Ax10 V1 Firmware
Tp-link archer Ax10 V1 Tp-link |
|
References | (MISC) https://www.tp-link.com/br/home-networking/wifi-router/archer-ax10/ - Product | |
References | (MISC) https://github.com/gscamelo/TP-Link-Archer-AX10-V1/blob/main/README.md - Exploit, Third Party Advisory | |
References | (MISC) https://www.tp-link.com/br/support/download/archer-ax10/v1/ - Product | |
CPE | cpe:2.3:h:tp-link:archer_ax10_v1:-:*:*:*:*:*:*:* cpe:2.3:o:tp-link:archer_ax10_v1_firmware:1.3.1:20220401:*:*:*:*:*:* |
|
CWE | CWE-94 |
28 Sep 2022, 13:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-28 13:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-40486
Mitre link : CVE-2022-40486
CVE.ORG link : CVE-2022-40486
JSON object : View
Products Affected
tp-link
- archer_ax10_v1_firmware
- archer_ax10_v1
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')