CVE-2023-1389 - Command injection

Urgent

Remediate Within one Week

CVE Information|Basic Analysis|Framework Mapping|Web Framework Mapping|Compliance

CVE Information

Original CVE data

Published: March 15, 2023

Updated: August 11, 2023

TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request.

CWE: CWE-77

CVSS v2-

CVSS v38.8

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

https://www.tenable.com/security/research/tra-2023-11

http://packetstormsecurity.com/files/174131/TP-Link-Archer-AX21-Command-Injection.html

Affected Vendors

Tp-link - (1)

More vulnerabilities from Tp-link

Basic Analysis

Common vulnerability metrics

Vulnerabilty type as detected by PRIOⁿengine

Command injection

CVSS Scores as calculated by PRIOⁿengine

CVSS v210

AV:N/AC:L/AU:N/C:C/I:C/A:C

CVSS v39.8

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

MITRE CWE Top 25

Vulnerability weakness type is in the top 25 CWEs according to MITRE. View Mitre Top 25 CWEs

Exploits

No exploit code is reported to exist.

Active Exploitation

Vulnerability is referenced under CISA's Known Exploited Vulnerabilities (KEV) catalog. See the KEV Catalog

Social Network Activity

Vulnerability is mentioned or trending in social media.

Threat Actor Activity

Vulnerability is being actively exploited by threat actors during campaigns.

Cybersecurity Frameworks

How the vulnerability maps against various cybersecurity frameworks

T1499.004 - Endpoint Denial of Service (Application or System Exploitation)

T1190 - Exploit Public-Facing Application

T1083 - File and Directory Discovery

T1059 - Command and Scripting Interpreter

T1005 - Data from Local System

Compliance Impact

How the submited vulnerability affects compliance

PCI DSS v3.2.1-6.5.1 - Injection Flaws

Web Application Security Frameworks

Applicable if the issue likely affects a web application

WASC-31 - OS Commanding