CVE-2024-21833 | Armis Vulnerability Intelligence Database

Description Preview

CVE-2024-21833 affects several TP-LINK products, including the Archer AX3000, Archer AX5400, Archer AXE75, Deco X50, and Deco XE200. The vulnerability arises from improper input validation, which allows an unauthenticated attacker with network access to execute arbitrary operating system commands on the affected devices. This issue is particularly concerning as it can be exploited by attackers who have access to the local area network (LAN) or Wi-Fi, potentially leading to unauthorized control over the device and its functionalities.

Overview

CVE ID: CVE-2024-21833
Vendor: TP-Link
Affected Products:
- Archer AX3000 (firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115")
- Archer AX5400 (firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115")
- Archer AXE75 (firmware versions prior to "Archer AXE75(JP)_V1_231115")
- Deco X50 (firmware versions prior to "Deco X50(JP)_V1_1.4.1 Build 20231122")
- Deco XE200 (firmware versions prior to "Deco XE200(JP)_V1_1.2.5 Build 20231120")
Vulnerability Type: OS command injection
Attack Vector: Network-adjacent unauthenticated access

Remediation

To mitigate the risks associated with CVE-2024-21833, users are advised to update their affected TP-LINK devices to the latest firmware versions as specified below:

Archer AX3000: Update to "Archer AX3000(JP)_V1_1.1.2 Build 20231115" or later.
Archer AX5400: Update to "Archer AX5400(JP)_V1_1.1.2 Build 20231115" or later.
Archer AXE75: Update to "Archer AXE75(JP)_V1_231115" or later.
Deco X50: Update to "Deco X50(JP)_V1_1.4.1 Build 20231122" or later.
Deco XE200: Update to "Deco XE200(JP)_V1_1.2.5 Build 20231120" or later.

Users can download the latest firmware from the official TP-Link support pages for each product.

References

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

Accommodation & Food Services: Low
Accommodation & Food Services
Administrative, Support, Waste Management & Remediation Services: Low
Administrative, Support, Waste Management & Remediation Services
Agriculture, Forestry Fishing & Hunting: Low
Agriculture, Forestry Fishing & Hunting
Arts, Entertainment & Recreation: Low
Arts, Entertainment & Recreation
Construction: Low
Construction
Educational Services: Low
Educational Services
Finance and Insurance: Low
Finance and Insurance
Health Care & Social Assistance: Low
Health Care & Social Assistance
Information: Low
Information
Management of Companies & Enterprises: Low
Management of Companies & Enterprises
Manufacturing: Low
Manufacturing
Mining: Low
Mining
Other Services (except Public Administration): Low
Other Services (except Public Administration)
Professional, Scientific, & Technical Services: Low
Professional, Scientific, & Technical Services
Public Administration: Low
Public Administration
Real Estate Rental & Leasing: Low
Real Estate Rental & Leasing
Retail Trade: Low
Retail Trade
Transportation & Warehousing: Low
Transportation & Warehousing
Utilities: Low
Utilities
Wholesale Trade: Low
Wholesale Trade

^{CVE-2024-21833:}Multiple TP-LINK products are vulnerable to OS command injection, allowing unauthenticated attackers with network access to execute arbitrary OS commands.

Description Preview

Overview

Remediation

References

Focus on What Matters

Let's talk!