Vulnerability Description
TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 57450(5553) was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file.
CVSS Score
8.8
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tp-Link | Archer Ax10 V1 Firmware | 1.3.1 |
| Tp-Link | Archer Ax10 V1 | - |
Related Weaknesses (CWE)
References
- https://github.com/gscamelo/TP-Link-Archer-AX10-V1/blob/main/README.mdExploitThird Party Advisory
- https://www.tp-link.com/br/home-networking/wifi-router/archer-ax10/Product
- https://www.tp-link.com/br/support/download/archer-ax10/v1/Product
- https://github.com/gscamelo/TP-Link-Archer-AX10-V1/blob/main/README.mdExploitThird Party Advisory
- https://www.tp-link.com/br/home-networking/wifi-router/archer-ax10/Product
- https://www.tp-link.com/br/support/download/archer-ax10/v1/Product
FAQ
What is CVE-2022-40486?
CVE-2022-40486 is a vulnerability with a CVSS score of 8.8 (HIGH). TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 57450(5553) was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file.
How severe is CVE-2022-40486?
CVE-2022-40486 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-40486?
Check the references section above for vendor advisories and patch information. Affected products include: Tp-Link Archer Ax10 V1 Firmware, Tp-Link Archer Ax10 V1.