Top
image credit: rawpixel.com / Freepik

Update TP-Link’s Archer C5400X router now to fix remote takeover vulnerability

May 29, 2024

Via: TechSpot
Category:

The flaw, tracked as CVE-2024-5035, earned the highest possible severity rating of 10.0 under the Common Vulnerability Scoring System (CVSS). Vulnerabilities scoring 10.0 are extremely rare – most severe bugs max out at 9.8, so this one’s about as bad as it gets.

The issue lies in a network service called “rftest” that the router exposes on TCP ports 8888, 8889, and 8890. By exploiting it, an unauthenticated attacker can inject malicious commands and gain full remote code execution privileges on the vulnerable device.

Read More on TechSpot