Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

The security vulnerabilities are as follows –

  • CVE-2023-1389 (CVSS score: 8.8) – TP-Link Archer AX-21 Command Injection Vulnerability
  • CVE-2021-45046 (CVSS score: 9.0) – Apache Log4j2 Deserialization of Untrusted Data Vulnerability
  • CVE-2023-21839 (CVSS score: 7.5) – Oracle WebLogic Server Unspecified Vulnerability

CVE-2023-1389 concerns a case of command injection affecting TP-Link Archer AX-21 routers that could be exploited to achieve remote code execution. According to Trend Micro’s Zero Day Initiative, the flaw has been put to use by threat actors associated with the Mirai botnet since April 11, 2023.

Read more…