Skip to content
/ CVE-2022-30075 Public
forked from aaronsvk/CVE-2022-30075

Modified OT CVE vulnerability over Tp-Link Devices version Archer AX50 Authenticated RCE

0 stars 45 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

NextSecurity/CVE-2022-30075

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README.md
README.md
 
 
tplink.py
tplink.py
 
 

Repository files navigation

CVE-2022-30075

Authenticated Remote Code Execution in Tp-Link Routers

Affected Devices

If your Tp-Link router has backup and restore functionality and firmware is older than june 2022, it is probably vulnerable

Tested With

Tp-Link Archer AX50, other tplink routers may use different format of backups and exploit needs to be modified

PoC

Using exploit for starting telnet daemon on the router tplink

Timeline

15.03.2022 - Identified vulnerability
15.03.2022 - Contacted Tp-Link support
16.03.2022 - Recieved response from Tp-Link
02.05.2022 - Assigned CVE
27.05.2022 - Tp-Link released firmware with fixed vulnerability
07.06.2022 - Published technical details

About

Modified OT CVE vulnerability over Tp-Link Devices version Archer AX50 Authenticated RCE

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%