Unrated severityNVD Advisory· Published Jan 10, 2024· Updated Jun 16, 2025
CVE-2024-21833
CVE-2024-21833
Description
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Range: firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115"
- Range: firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115"
- Range: firmware versions prior to "Archer AXE75(JP)_V1_231115"
- TP-Link/Deco XE200v5Range: firmware versions prior to "Deco XE200(JP)_V1_1.2.5 Build 20231120"
Patches
Vulnerability mechanics
References
6- jvn.jp/en/vu/JVNVU91401812/mitre
- www.tp-link.com/jp/support/download/archer-ax3000/mitre
- www.tp-link.com/jp/support/download/archer-ax5400/mitre
- www.tp-link.com/jp/support/download/archer-axe75/mitre
- www.tp-link.com/jp/support/download/deco-x50/v1/mitre
- www.tp-link.com/jp/support/download/deco-xe200/mitre
News mentions
0No linked articles in our index yet.