PT-2023-23914 · Tp Link · Archer C55+1
Published
2023-09-06
·
Updated
2024-09-26
·
CVE-2023-32619
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Archer C50 versions prior to Archer C50(JP) V3 230505
Archer C55 versions prior to Archer C55(JP) V1 230506
Description
The affected devices use hard-coded credentials to login, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command.
Recommendations
For Archer C50 versions prior to Archer C50(JP) V3 230505, update to Archer C50(JP) V3 230505 or later.
For Archer C55 versions prior to Archer C55(JP) V1 230506, update to Archer C55(JP) V1 230506 or later.
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Archer C50
Archer C55