CVE-2021-40288
HIGHTP-Link Archer AX10 < V1_211014 DoS via Spoofed WPA2/WPA3-SAE Frames
Title source: llmDescription
A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames
References (1)
Core 1
Core References
Mitigation, Patch, Vendor Advisory x_refsource_misc
https://www.tp-link.com/us/support/download/archer-ax10/v1/#Firmware
Scores
CVSS v3
7.5
EPSS
0.0196
EPSS Percentile
83.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-290
Status
published
Products (1)
tp-link/archer_ax10_firmware
< v1_211014
Published
Dec 07, 2021
Tracked Since
Feb 18, 2026