Ax53 V1
Monthly
A stack-based buffer overflow vulnerability exists in TP-Link AX53 v1 due to insufficient input sanitization in the device's probe handling logic, allowing unauthenticated remote attackers to cause denial of service through repeated service crashes and potentially achieve remote code execution via heap-spray techniques under specific conditions. The vulnerability affects TP-Link AX53 v1 devices and has a patch available from the vendor, though no confirmed active exploitation or public proof-of-concept has been widely reported at this time.
A command injection vulnerability exists in TP-Link AX53 v1 devices within the mscd debug functionality that allows authenticated attackers to execute arbitrary commands with full device control. The vulnerability stems from insufficient input validation on log redirection parameters, which can be abused to concatenate unvalidated file content into shell commands. A vendor patch is available, and this represents a critical control-plane compromise vector for affected router devices.
A stack-based buffer overflow vulnerability exists in TP-Link AX53 v1 due to insufficient input sanitization in the device's probe handling logic, allowing unauthenticated remote attackers to cause denial of service through repeated service crashes and potentially achieve remote code execution via heap-spray techniques under specific conditions. The vulnerability affects TP-Link AX53 v1 devices and has a patch available from the vendor, though no confirmed active exploitation or public proof-of-concept has been widely reported at this time.
A command injection vulnerability exists in TP-Link AX53 v1 devices within the mscd debug functionality that allows authenticated attackers to execute arbitrary commands with full device control. The vulnerability stems from insufficient input validation on log redirection parameters, which can be abused to concatenate unvalidated file content into shell commands. A vendor patch is available, and this represents a critical control-plane compromise vector for affected router devices.