CVE-2022-41541
First published: Tue Oct 18 2022(Updated: )
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. Attackers are able to login to the web application as an admin user.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| TP-Link Archer AX10 Firmware | =v1_211117 | |
| TP-Link AX10 Firmware | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-41541?
CVE-2022-41541 has been classified with a high severity due to the potential for attackers to gain administrative access to the device.
How do I fix CVE-2022-41541?
To fix CVE-2022-41541, update your TP-Link AX10 firmware to a patched version or newer than v1_211117.
What types of attacks are possible with CVE-2022-41541?
CVE-2022-41541 allows for replay attacks, where attackers can reuse previously transmitted encrypted authentication messages.
Which devices are affected by CVE-2022-41541?
CVE-2022-41541 affects the TP-Link AX10 running firmware version v1_211117.
Can CVE-2022-41541 lead to unauthorized access?
Yes, CVE-2022-41541 can allow attackers to log in as an admin user, leading to unauthorized access to the web application.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/tp-link
- canonical/tp-link archer ax10 firmware
- version/tp-link archer ax10 firmware/v1_211117
- canonical/tp-link ax10 firmware
- version/tp-link ax10 firmware/1.0