Rewterz Threat Advisory – Multiple TP-LINK Products Vulnerabilities

Rewterz Threat Advisory – Multiple IBM AIX Vulnerabilities

January 11, 2024

Rewterz Threat Alert – PikaBot Malware Actively Distributed by Water Curupira Threat Actors – Active IOCs

January 11, 2024

Rewterz Threat Advisory – Multiple TP-LINK Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-21773 CVSS:7.5

Multiple TP-LINK products could allow a remote attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2024-21821 CVSS:7.1

Multiple TP-LINK products could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2024-21833 CVSS:7.5

Impact

Gain Access

Indicators Of Compromise

CVE

CVE-2024-21773
CVE-2024-21821
CVE-2024-21833

Affected Vendors

TP-Link

Affected Products

TP-Link Archer AX3000
TP-Link Archer AX5400
TP-Link Deco X50
TP-Link Deco XE200
TP-Link Archer AXE75

Remediation

Refer to TP-Link Website for patch, upgrade or suggested workaround information.

TP-Link Website

Rewterz Threat Advisory – Multiple IBM AIX Vulnerabilities

Rewterz Threat Alert – PikaBot Malware Actively Distributed by Water Curupira Threat Actors – Active IOCs

Rewterz Threat Advisory – Multiple TP-LINK Products Vulnerabilities

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan