CVE-2023-1389

HIGH KEV NUCLEI

TP-Link Archer AX21 Firmware < 1.1.4 - Command Injection

Title source: rule

Description

TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request.

Exploits (7)

exploitdb WORKING POC
by Voyag3r · python remote hardware
https://www.exploit-db.com/exploits/51677
nomisec WORKING POC 16 stars
by Voyag3r-Security · poc
https://github.com/Voyag3r-Security/CVE-2023-1389
nomisec WORKING POC
by werwolfz · poc
https://github.com/werwolfz/CVE-2023-1389
vulncheck_xdb WORKING POC
remote
https://github.com/Quadron-Research-Lab/Hardware-IoT

Nuclei Templates (1)

TP-Link Archer AX21 (AX1800) - Unauthenticated Command Injection
CRITICAL VERIFIED by ritikchaddha
Shodan: title:"TP-Link Router"
FOFA: body="tp-link"

Scores

CVSS v3 8.8
EPSS 0.9354
EPSS Percentile 99.8%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2023-05-01
VulnCheck KEV 2023-04-12
InTheWild.io 2023-05-01
ENISA EUVD EUVD-2023-23645
CWE CWE-77
Status published
Products (1)
tp-link/archer_ax21_firmware < 1.1.4
Published Mar 15, 2023
KEV Added May 01, 2023
Tracked Since Feb 18, 2026