CVE-2024-38471 Information

Jul 05, 2024 cve

Description

Multiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by restoring a crafted backup file. The affected device with the initial configuration allows login only from the LAN port or Wi-Fi.

Reference

https://www.tp-link.com/jp/support/download/ https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware https://www.tp-link.com/jp/support/download/archer-air-r5/v1/#Firmware https://www.tp-link.com/jp/support/download/archer-axe5400/#Firmware https://jvn.jp/en/vu/JVNVU99784493/

Share on: