Warning: 2 vulnerabilities in TP-LINK Archer AX21 routers
Both vulnerabilities have a HIGH impact on Confidentiality, Integrity, and Availability. Privileges, authentication, and user interaction are not required to exploit this vulnerability.
Moreover, CVE-2023-1389 has been observed being exploited in the wild.
Network-adjacent attackers can execute arbitrary code on affected TP-Link Archer AX21 routers.
The vulnerability exists within the merge_country_config function. The issue exists because of a lack of proper validation of a user-supplied string before using it to execute a system call.
Remote attackers can gain access to the LAN-side services of TP-Link Archer AX21 routers.
The vulnerability exists within the hotplugd daemon. The issue results from firewall rule handling and allows an attacker to access to resources that should be available to the LAN interface only. An attacker can leverage this vulnerability in conjunction with other vulnerabilities to execute arbitrary code as the root user.
The Centre for Cyber Security Belgium strongly recommends system administrators to visit TP-LINK's portal to apply the necessary patches.