Security News > 2024 > May > TP-Link fixes critical RCE bug in popular C5400X gaming router
The TP-Link Archer C5400X gaming router is vulnerable to security flaws that could enable an unauthenticated, remote attacker to execute commands on the device.
The TP-Link Archer C5400X is a high-end tri-band gaming router designed to provide robust performance and advanced features for gaming and other demanding applications, and based on the number of user reviews the product has on online stores, it appears to be a popular choice among gamers.
Arbitrary command execution on routers can lead to hijacking routers, data interception, changing DNS settings, and potentially breaching internal networks.
Users are recommended to download the firmware update from TP-Link's official download portal or use their router admin panel to perform the update.
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers.
Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw.
News URL
Related news
- D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers (source)
- Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856) (source)
- Critical Progress WhatsUp RCE flaw now under active exploitation (source)
- Cisco warns of critical RCE zero-days in end of life IP phones (source)
- SolarWinds fixes critical RCE bug affecting all Web Help Desk versions (source)
- Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986) (source)
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- Week in review: SonicWall critical firewalls flaw fixed, APT exploits WPS Office for Windows RCE (source)
- Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) (source)
- D-Link says it is not fixing four RCE flaws in DIR-846W routers (source)