CVE-2022-40486
Severity CVSS v4.0:
Pending analysis
Type:
CWE-94
Code Injection
Publication date:
28/09/2022
Last modified:
21/05/2025
Description
TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 57450(5553) was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:tp-link:archer_ax10_v1_firmware:1.3.1:20220401:*:*:*:*:*:* | ||
| cpe:2.3:h:tp-link:archer_ax10_v1:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://github.com/gscamelo/TP-Link-Archer-AX10-V1/blob/main/README.md
- https://www.tp-link.com/br/home-networking/wifi-router/archer-ax10/
- https://www.tp-link.com/br/support/download/archer-ax10/v1/
- https://github.com/gscamelo/TP-Link-Archer-AX10-V1/blob/main/README.md
- https://www.tp-link.com/br/home-networking/wifi-router/archer-ax10/
- https://www.tp-link.com/br/support/download/archer-ax10/v1/