CVE-2021-41450

HIGH

Tp-link Archer Ax10 V1 Firmware < 211117 - HTTP Request Smuggling

Title source: rule

Description

An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet.

References (3)

[Vendor Advisory] http://tp-link.com

[Broken Link, URL Repurposed] http://ax10v1.com

[Release Notes, Vendor Advisory] https://www.tp-link.com/us/support/download/archer-ax10/v1/#Firmware

Scores

CVSS v3 7.5

EPSS 0.0596

EPSS Percentile 90.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-444

Status published

Products (1)

tp-link/archer_ax10_v1_firmware < 211117

Published Dec 08, 2021

Tracked Since Feb 18, 2026