Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to 'Archer AX50(JP)_V1_230529', Archer A10 firmware versions prior to 'Archer
Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to 'Archer AX50(JP)_V1_230529', Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504', Archer AX10 firmware versions prior to 'Archer AX10(JP)_V1.2_230508', and Archer AX11000 firmware versions prior…
| Vendor | Product | Versions |
|---|---|---|
| TP-LINK | Archer AX50 | firmware versions prior to 'Archer AX50(JP)_V1_230529' |
| TP-LINK | Archer A10 | firmware versions prior to 'Archer A10(JP)_V2_230504' |
| TP-LINK | Archer AX10 | firmware versions prior to 'Archer AX10(JP)_V1.2_230508' |
| TP-LINK | Archer AX11000 | firmware versions prior to 'Archer AX11000(JP)_V1_230523' |
Not currently listed on the CISA Known Exploited Vulnerabilities (KEV) catalog. EPSS is the best forward-looking signal — see the EPSS row above.
For the full vendor write-up, exploit chains, and reference implementations, see the references list in section 09.
Open the Sigma generator with a pre-filled prompt for this CVE to draft a starting detection in your stack of choice:
No directly-cited follow-up CVEs in the KB record for this advisory. The references list in section 09 carries the vendor cross-references.