Sign-up

ID

VAR-202303-1296


CVE

CVE-2023-27333


TITLE

TP-LINK Technologies  of  archer ax21  Stack-based buffer overflow vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2023-029383

DESCRIPTION

TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of command 0x422 provided to the tmpServer service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19905. (DoS) It may be in a state

Trust: 2.34

sources: NVD: CVE-2023-27333 // JVNDB: JVNDB-2023-029383 // ZDI: ZDI-23-244 // VULMON: CVE-2023-27333

AFFECTED PRODUCTS

vendor:tp linkmodel:archer ax21scope: - version: -

Trust: 1.5

vendor:tp linkmodel:archer ax21scope:eqversion:1.1.3

Trust: 1.0

vendor:tp linkmodel:archer ax21scope:eqversion: -

Trust: 0.8

vendor:tp linkmodel:archer ax21scope:eqversion:archer ax21 firmware 1.1.3

Trust: 0.8

sources: ZDI: ZDI-23-244 // JVNDB: JVNDB-2023-029383 // NVD: CVE-2023-27333

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com: CVE-2023-27333
value: MEDIUM

Trust: 1.0

OTHER: JVNDB-2023-029383
value: MEDIUM

Trust: 0.8

ZDI: CVE-2023-27333
value: MEDIUM

Trust: 0.7

zdi-disclosures@trendmicro.com: CVE-2023-27333
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 5.9
version: 3.0

Trust: 1.0

OTHER: JVNDB-2023-029383
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2023-27333
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.9
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-23-244 // JVNDB: JVNDB-2023-029383 // NVD: CVE-2023-27333

PROBLEMTYPE DATA

problemtype:CWE-121

Trust: 1.0

problemtype:Stack-based buffer overflow (CWE-121) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-029383 // NVD: CVE-2023-27333

PATCH

title:Fixed in Archer AX21 version V3230219 #Firmwareurl:https://www.tp-link.com/us/support/download/archer-ax21/

Trust: 0.7

sources: ZDI: ZDI-23-244

EXTERNAL IDS

db:NVDid:CVE-2023-27333

Trust: 3.4

db:ZDIid:ZDI-23-244

Trust: 2.6

db:JVNDBid:JVNDB-2023-029383

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-19905

Trust: 0.7

db:VULMONid:CVE-2023-27333

Trust: 0.1

sources: ZDI: ZDI-23-244 // VULMON: CVE-2023-27333 // JVNDB: JVNDB-2023-029383 // NVD: CVE-2023-27333

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-23-244/

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2023-27333

Trust: 0.8

url:https://www.tp-link.com/us/support/download/archer-ax21/

Trust: 0.7

sources: ZDI: ZDI-23-244 // VULMON: CVE-2023-27333 // JVNDB: JVNDB-2023-029383 // NVD: CVE-2023-27333

CREDITS

Pumpkin, working with DEVCORE Internship Program

Trust: 0.7

sources: ZDI: ZDI-23-244

SOURCES

db:ZDIid:ZDI-23-244
db:VULMONid:CVE-2023-27333
db:JVNDBid:JVNDB-2023-029383
db:NVDid:CVE-2023-27333

LAST UPDATE DATE

2025-08-09T23:05:01.185000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-23-244date:2023-03-15T00:00:00
db:JVNDBid:JVNDB-2023-029383date:2025-08-07T02:08:00
db:NVDid:CVE-2023-27333date:2025-08-06T14:24:05.763

SOURCES RELEASE DATE

db:ZDIid:ZDI-23-244date:2023-03-15T00:00:00
db:JVNDBid:JVNDB-2023-029383date:2025-08-07T00:00:00
db:NVDid:CVE-2023-27333date:2024-05-03T02:15:10.273