CVE-2023-27359

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-27359
TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability. This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling that allows an attacker access to resources that should be available to the LAN interface only. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the root user. . Was ZDI-CAN-19664.

9.8 /10

CVSS v3 : CRITICAL

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.zerodayinitiative.com/advisories/ZDI-23-452/
https://www.zerodayinitiative.com/advisories/ZDI-23-452/
Configurations

No configuration.

History

21 Nov 2024, 07:52

Type Values Removed Values Added
References () https://www.zerodayinitiative.com/advisories/ZDI-23-452/ - () https://www.zerodayinitiative.com/advisories/ZDI-23-452/ -

18 Sep 2024, 19:15

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de condición de ejecución de regla de firewall hotplugd de TP-Link AX1800. Esta vulnerabilidad permite a atacantes remotos obtener acceso a servicios del lado LAN en instalaciones afectadas de enrutadores TP-Link Archer AX21. No se requiere autenticación para aprovechar esta vulnerabilidad. La falla específica existe dentro del demonio hotplugd. El problema se debe al manejo de las reglas del firewall que permiten que un atacante acceda a recursos que deberían estar disponibles únicamente para la interfaz LAN. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar código arbitrario en el contexto del usuario root. Era ZDI-CAN-19664.
Summary (en) TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability. This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling that allows an attacker access to resources that should be available to the LAN interface only. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the root user. Was ZDI-CAN-19664. (en) TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability. This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling that allows an attacker access to resources that should be available to the LAN interface only. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the root user. . Was ZDI-CAN-19664.

03 May 2024, 02:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-05-03 02:15

Updated : 2024-11-21 07:52

NVD link : CVE-2023-27359

Mitre link : CVE-2023-27359

CVE.ORG link : CVE-2023-27359

JSON object : View

Products Affected

No product.

CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024