CVE-2023-32619

Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tp-link:archer_c55_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:archer_c55:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:tp-link:archer_c50_v3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:archer_c50_v3:-:*:*:*:*:*:*:*

History

11 Sep 2023, 13:35

Type Values Removed Values Added
CPE cpe:2.3:h:tp-link:archer_c50_v3:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:archer_c50_v3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:archer_c55_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:archer_c55:-:*:*:*:*:*:*:*
First Time Tp-link archer C50 V3
Tp-link archer C55
Tp-link
Tp-link archer C50 V3 Firmware
Tp-link archer C55 Firmware
CWE CWE-798
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.8
References (MISC) https://www.tp-link.com/jp/support/download/archer-c55/#Firmware - (MISC) https://www.tp-link.com/jp/support/download/archer-c55/#Firmware - Product
References (MISC) https://www.tp-link.com/jp/support/download/archer-c50/v3/#Firmware - (MISC) https://www.tp-link.com/jp/support/download/archer-c50/v3/#Firmware - Product
References (MISC) https://jvn.jp/en/vu/JVNVU99392903/ - (MISC) https://jvn.jp/en/vu/JVNVU99392903/ - Third Party Advisory

06 Sep 2023, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-06 10:15

Updated : 2024-09-26 21:35


NVD link : CVE-2023-32619

Mitre link : CVE-2023-32619

CVE.ORG link : CVE-2023-32619


JSON object : View

Products Affected

tp-link

  • archer_c50_v3_firmware
  • archer_c50_v3
  • archer_c55
  • archer_c55_firmware
CWE
CWE-798

Use of Hard-coded Credentials