CVE-2023-1389 - TP-Link Archer AX-21 Command Injection Vulnerability
Project:TP-Link
Product:Archer AX21
Date Added:2023-05-01Due Date:2023-05-22
Vulnerability Name
TP-Link Archer AX-21 Command Injection Vulnerability
Description
TP-Link Archer AX-21 contains a command injection vulnerability that allows for remote code execution.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://www.tp-link.com/us/support/download/archer-ax21/v3/#Firmware
https://nvd.nist.gov/vuln/detail/CVE-2023-1389
Related News Articles
Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ VendorsOctober 13, 2025
RondoDox botnet targets 56 n-day flaws in worldwide attacksOctober 10, 2025
Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based AttacksJune 9, 2025
Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentialsApril 10, 2025
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 DevicesMarch 11, 2025