CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-41451

A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.068

EPSS Ranking 90.9%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://ax10v1.com
http://tp-link.com
https://www.tp-link.com/us/support/download/archer-ax10/v1/#Firmware
http://ax10v1.com
http://tp-link.com
https://www.tp-link.com/us/support/download/archer-ax10/v1/#Firmware

Products affected by CVE-2021-41451

Tp-Link » Archer Ax10 » Version: v1

cpe:2.3:h:tp-link:archer_ax10:v1
Tp-Link » Archer Ax10 Firmware » Version: N/A

cpe:2.3:o:tp-link:archer_ax10_firmware:-
Tp-Link » Archer Ax10 Firmware » Version: 230220

cpe:2.3:o:tp-link:archer_ax10_firmware:230220
Tp-Link » Archer Ax10 Firmware » Version: 230508

cpe:2.3:o:tp-link:archer_ax10_firmware:230508

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-41451

Products

Pricing

Contact Us