CVE-2024-38471

Summary

Multiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by restoring a crafted backup file. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.

Affected Software

VendorProductVersion RangeStatus
TP-LINKArcher AX3000firmware versions prior to "Archer AX3000(JP)_V1_1.1.3 Build 20240415"affected
TP-LINKArcher AXE75firmware versions prior to "Archer AXE75(JP)_V1_1.2.0 Build 20240320"affected
TP-LINKArcher AX5400firmware versions prior to "Archer AX5400(JP)_V1_1.1.4 Build 20240429"affected
TP-LINKArcher Air R5firmware versions prior to "Archer Air R5(JP)_V1_1.1.6 Build 20240508"affected
TP-LINKArcher AXE5400firmware versions prior to "Archer AXE5400(JP)_V1_1.0.3 Build 20240319"affected

Weaknesses

  • OS command injection

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References