CVE-2024-53375

CVSS 3.1 Score 8 of 10 (high)

Details

Published Dec 2, 2024
Updated: Dec 17, 2024
CWE ID 78

Summary

CVE-2024-53375 is an Authenticated Remote Code Execution (RCE) vulnerability affecting the TP-Link Archer router series. This issue resides in the "tmp_get_sites" function of the HomeShield functionality, which is a feature provided by TP-Link. The HomeShield activation is not a prerequisite for successful exploitation, making the vulnerability potentially dangerous for all affected devices. By exploiting this flaw, an attacker can execute arbitrary code and potentially gain full control of the compromised router. Users are strongly advised to update their routers as soon as a patch becomes available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share