SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) attack. This could enable unauthorized access if captured credentials are reused.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120.
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XTp Link Archer Ax53
HWTp-Linkwszystkie wersjeTp Link Archer Ax53 Firmware
OSTp-Link1.0
Related vulnerabilities
An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticate...
A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adja...
An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticate...
A command injection vulnerability on AX53 v1 occurs in mscd debug functionality due to insufficient input hand...
This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logi...