CVE-2022-30075

This exploit demonstrates authenticated RCE on TP-Link Archer AX50 routers by importing a malicious config file. It includes encryption/decryption logic for router communication and backup file manipulation.

This repository contains a Python-based exploit for CVE-2022-30075, an authenticated RCE vulnerability in TP-Link routers. The exploit manipulates backup files to inject malicious commands, enabling remote code execution via telnetd activation.

This PoC exploits an authenticated RCE vulnerability in TP-Link routers by importing a malicious config file. It includes encryption/decryption logic for router communication and backup file manipulation.

This PoC exploits CVE-2022-30075, a remote code execution vulnerability in TP-Link Router AX50 firmware 210730. It authenticates to the router, manipulates backup/import functionality to inject malicious configuration files, and achieves RCE.

This repository contains a functional exploit for CVE-2022-30075, an authenticated RCE vulnerability in TP-Link routers (e.g., Archer AX50). The exploit authenticates, downloads and decrypts the router's configuration, injects a command into DDNS settings, re-encrypts, and uploads the modified configuration to achieve remote code execution.