ID
VAR-202210-1232
CVE
CVE-2022-41541
TITLE
TP-LINK AX10 Security hole
Trust: 0.6
sources:
CNNVD: CNNVD-202210-1196
DESCRIPTION
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. Attackers are able to login to the web application as an admin user.
Trust: 1.0
sources:
NVD: CVE-2022-41541
AFFECTED PRODUCTS
| vendor: | tp link | model: | ax10 | scope: | eq | version: | v1_211117 | Trust: 1.0 |
sources:
NVD: CVE-2022-41541
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNNVD: CNNVD-202210-1196 //
NVD: CVE-2022-41541 //
NVD: CVE-2022-41541
PROBLEMTYPE DATA
| problemtype: | CWE-294 | Trust: 1.0 |
sources:
NVD: CVE-2022-41541
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202210-1196
TYPE
other
Trust: 0.6
sources:
CNNVD: CNNVD-202210-1196
PATCH
| title: | TP-LINK AX10 Security vulnerabilities | url: | http://123.124.177.30/web/xxk/bdxqById.tag?id=211493 | Trust: 0.6 |
sources:
CNNVD: CNNVD-202210-1196
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-41541 | Trust: 1.6 |
| db: | CNNVD | id: | CNNVD-202210-1196 | Trust: 0.6 |
sources:
CNNVD: CNNVD-202210-1196 //
NVD: CVE-2022-41541
REFERENCES
| url: | https://www.tp-link.com/us/support/download/archer-ax10/v1/#firmware | Trust: 1.6 |
| url: | https://github.com/efchatz/easy-exploits/tree/main/web/tp-link/replay | Trust: 1.6 |
| url: | https://cxsecurity.com/cveshow/cve-2022-41541/ | Trust: 0.6 |
sources:
CNNVD: CNNVD-202210-1196 //
NVD: CVE-2022-41541
SOURCES
| db: | CNNVD | id: | CNNVD-202210-1196 |
| db: | NVD | id: | CVE-2022-41541 |
LAST UPDATE DATE
2025-05-17T03:54:50.520000+00:00
SOURCES UPDATE DATE
| db: | CNNVD | id: | CNNVD-202210-1196 | date: | 2022-10-21T00:00:00 |
| db: | NVD | id: | CVE-2022-41541 | date: | 2025-05-15T15:16:06.270 |
SOURCES RELEASE DATE
| db: | CNNVD | id: | CNNVD-202210-1196 | date: | 2022-10-18T00:00:00 |
| db: | NVD | id: | CVE-2022-41541 | date: | 2022-10-18T15:15:10.243 |