CVE-2024-38471
MEDIUMTP-LINK Archer AX3000, AXE75, AX5400, and Air R5 - Authenticated OS Command Injection via Backup File Restore
Title source: llmDescription
Multiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by restoring a crafted backup file. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.
References (7)
Core 7
Core References
Various Sources
https://www.tp-link.com/jp/support/download/
Third Party Advisory
https://jvn.jp/en/vu/JVNVU99784493/
Scores
CVSS v3
6.8
EPSS
0.0010
EPSS Percentile
26.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-78
Status
published
Products (5)
TP-LINK/Archer Air R5
firmware versions prior to "Archer Air R5(JP)_V1_1.1.6 Build 20240508"
TP-LINK/Archer AX3000
firmware versions prior to "Archer AX3000(JP)_V1_1.1.3 Build 20240415"
TP-LINK/Archer AX5400
firmware versions prior to "Archer AX5400(JP)_V1_1.1.4 Build 20240429"
TP-LINK/Archer AXE5400
firmware versions prior to "Archer AXE5400(JP)_V1_1.0.3 Build 20240319"
TP-LINK/Archer AXE75
firmware versions prior to "Archer AXE75(JP)_V1_1.2.0 Build 20240320"
Published
Jul 04, 2024
Tracked Since
Feb 18, 2026