Rewterz Threat Advisory – CVE-2023-1389 – TP-Link Archer AX21 Vulnerability

Rewterz Threat Alert – PatchWork APT Group – Active IOCs

April 28, 2023

Rewterz Threat Advisory –CVE-2023-30441 – IBM Java Vulnerability

April 30, 2023

Rewterz Threat Advisory – CVE-2023-1389 – TP-Link Archer AX21 Vulnerability

Severity

High

Analysis Summary

CVE-2023-1389

TP-Link Archer AX21 could allow a remote attacker to execute arbitrary commands on the system, caused by a flaw in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

Impact

Command Execution

Indicators Of Compromise

CVE

CVE-2023-1389

Affected Vendors

TP-Link

Affected Products

TP-Link Archer AX21 (AX1800)

Remediation

Upgrade to the latest version of TP-link Archer AX21, available from the TP-Link Website.

TP-Link Website

Rewterz Threat Alert – PatchWork APT Group – Active IOCs

Rewterz Threat Advisory –CVE-2023-30441 – IBM Java Vulnerability

Rewterz Threat Advisory – CVE-2023-1389 – TP-Link Archer AX21 Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan