CVE-2023-1389 - TP-Link Archer AX-21 Command Injection Vulnerability
Project:TP-Link
Product:Archer AX21
Date Added:2023-05-01Due Date:2023-05-22
Vulnerability Name
TP-Link Archer AX-21 Command Injection Vulnerability
Description
TP-Link Archer AX-21 contains a command injection vulnerability that allows for remote code execution.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://www.tp-link.com/us/support/download/archer-ax21/v3/#Firmware
https://nvd.nist.gov/vuln/detail/CVE-2023-1389
Related News Articles
Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentialsApril 10, 2025
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 DevicesMarch 11, 2025
New botnet exploits vulnerabilities in NVRs, TP-Link routersDecember 25, 2024
US Ban on TP-Link Routers More About Politics Than Exploitation RiskDecember 21, 2024
AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud ServicesNovember 8, 2024