Rewterz Threat Advisory – CVE-2023-27346 – TP-Link AX1800 Vulnerability

Rewterz Threat Alert – Rhadamanthys Stealer – Active IOCs

April 4, 2023

Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs

April 4, 2023

Rewterz Threat Advisory – CVE-2023-27346 – TP-Link AX1800 Vulnerability

Severity

High

Analysis Summary

CVE-2023-27346

TP-Link AX1800 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing firmware images. By sending a specially-crafted request, a remote attacker within the local network could overflow a buffer and execute arbitrary code on the system with root privileges.

Impact

Buffer Overflow

Indicators Of Compromise

CVE

CVE-2023-27346

Affected Vendors

TP-Link

Affected Products

TP-Link AX1800

Remediation

Upgrade to the latest version of TP-Link AX1800 firmware, available from the TP-Link Website.

TP-Link Website

Rewterz Threat Alert – Rhadamanthys Stealer – Active IOCs

Rewterz Threat Alert – APT-C-35 aka Donot Team – Active IOCs

Rewterz Threat Advisory – CVE-2023-27346 – TP-Link AX1800 Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan