In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote code execution due to improper validation.
                
            References
                    | Link | Resource | 
|---|---|
| http://packetstormsecurity.com/files/167522/TP-Link-AX50-Remote-Code-Execution.html | Exploit Third Party Advisory VDB Entry | 
| http://tp-link.com | Product Vendor Advisory | 
| https://github.com/aaronsvk | Third Party Advisory | 
| https://github.com/aaronsvk/CVE-2022-30075 | Exploit Third Party Advisory | 
| https://www.exploit-db.com/exploits/50962 | Exploit Third Party Advisory VDB Entry | 
| http://packetstormsecurity.com/files/167522/TP-Link-AX50-Remote-Code-Execution.html | Exploit Third Party Advisory VDB Entry | 
| http://tp-link.com | Product Vendor Advisory | 
| https://github.com/aaronsvk | Third Party Advisory | 
| https://github.com/aaronsvk/CVE-2022-30075 | Exploit Third Party Advisory | 
| https://www.exploit-db.com/exploits/50962 | Exploit Third Party Advisory VDB Entry | 
Configurations
                    Configuration 1 (hide)
| AND | 
 
 | 
History
                    No history.
Information
                Published : 2022-06-09 04:15
Updated : 2024-11-21 07:02
NVD link : CVE-2022-30075
Mitre link : CVE-2022-30075
CVE.ORG link : CVE-2022-30075
JSON object : View
Products Affected
                tp-link
- archer_ax50_firmware
- archer_ax50
CWE
                