Unrated severityNVD Advisory· Published Jan 10, 2024· Updated Jun 3, 2025
CVE-2024-21773
CVE-2024-21773
Description
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has pre-specified target devices and blocked URLs in parental control settings.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8(expand)+ 1 more
- (no CPE)
- (no CPE)range: firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115"
(expand)+ 1 more
- (no CPE)
- (no CPE)range: firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115"
- TP-Link/Archer Air R5v5Range: firmware versions prior to "Archer Air R5(JP)_V1_1.1.6 Build 20240508"
- TP-Link/Deco XE200v5Range: firmware versions prior to "Deco XE200(JP)_V1_1.2.5 Build 20231120"
Patches
Vulnerability mechanics
References
6- jvn.jp/en/vu/JVNVU91401812/mitre
- www.tp-link.com/jp/support/download/archer-air-r5/v1/mitre
- www.tp-link.com/jp/support/download/archer-ax3000/mitre
- www.tp-link.com/jp/support/download/archer-ax5400/mitre
- www.tp-link.com/jp/support/download/deco-x50/v1/mitre
- www.tp-link.com/jp/support/download/deco-xe200/mitre
News mentions
0No linked articles in our index yet.