CVE-2024-54126
CVSS V2 None
CVSS V3 None
Description
This vulnerability exists in the TP-Link Archer C50 due to improper signature verification mechanism in the firmware upgrade process at its web interface. An attacker with administrative privileges within the router’s Wi-Fi range could exploit this vulnerability by uploading and executing malicious firmware which could lead to complete compromise of the targeted device.
Overview
- CVE ID
- CVE-2024-54126
- Assigner
- CERT-In
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-12-05T12:14:41.814Z
- Last Modified Date
- 2024-12-05T16:37:56.782Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0354 | third-party-advisory |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-54126 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54126 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-12-06 13:11:26 | Added to TrackCVE |