CVE-2023-27359

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-27359
TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability. This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling that allows an attacker access to resources that should be available to the LAN interface only. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the root user. . Was ZDI-CAN-19664.

8.1 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.zerodayinitiative.com/advisories/ZDI-23-452/ Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-23-452/ Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tp-link:archer_ax21_firmware:1.1.1:build20220603:*:*:*:*:*:*
cpe:2.3:h:tp-link:archer_ax21:3.0:*:*:*:*:*:*:*
History

06 Aug 2025, 14:21

Type Values Removed Values Added
CPE cpe:2.3:h:tp-link:archer_ax21:3.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:archer_ax21_firmware:1.1.1:build20220603:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 8.1
First Time Tp-link archer Ax21 Firmware
Tp-link archer Ax21
Tp-link
References () https://www.zerodayinitiative.com/advisories/ZDI-23-452/ - () https://www.zerodayinitiative.com/advisories/ZDI-23-452/ - Third Party Advisory

18 Sep 2024, 19:15

Type Values Removed Values Added
Summary TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability. This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling that allows an attacker access to resources that should be available to the LAN interface only. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the root user. Was ZDI-CAN-19664. TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability. This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling that allows an attacker access to resources that should be available to the LAN interface only. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the root user. . Was ZDI-CAN-19664.

03 May 2024, 02:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-05-03 02:15

Updated : 2025-08-06 14:21

NVD link : CVE-2023-27359

Mitre link : CVE-2023-27359

JSON object : View

Products Affected

tp-link

  • archer_ax21
  • archer_ax21_firmware
CWE

No CWE.