Skip to main content

Archer Ax10 Firmware

4 CVEs product

Monthly

CVE-2023-40357 HIGH This Week

Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

TP-Link Command Injection Archer Ax50 Firmware Archer A10 Firmware Archer Ax10 Firmware +1
NVD
CVSS 3.1
8.0
EPSS
0.4%
CVE-2023-34832 CRITICAL POC Act Now

TP-Link Archer AX10(EU)_V1.2_230220 was discovered to contain a buffer overflow via the function FUN_131e8 - 0x132B4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow Archer Ax10 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-41451 HIGH This Week

A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

TP-Link Request Smuggling Information Disclosure Archer Ax10 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
3.2%
CVE-2021-40288 HIGH PATCH This Week

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

TP-Link Authentication Bypass Archer Ax10 Firmware
NVD
CVSS 3.1
7.5
EPSS
2.5%
EPSS 0% CVSS 8.0
HIGH This Week

Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

TP-Link Command Injection Archer Ax50 Firmware +3
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

TP-Link Archer AX10(EU)_V1.2_230220 was discovered to contain a buffer overflow via the function FUN_131e8 - 0x132B4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow Archer Ax10 Firmware
NVD GitHub
EPSS 3% CVSS 7.5
HIGH This Week

A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

TP-Link Request Smuggling Information Disclosure +1
NVD VulDB
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

TP-Link Authentication Bypass Archer Ax10 Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy