CVE-2024-57049
CRITICALCVSS v3
9.8
CRITICAL
EPSS Score
48.8%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
A vulnerability in the TP-Link Archer c20 router with firmware version V6.6_230412 and earlier permits unauthorized individuals to bypass the authentication of some interfaces under the /cgi directory. When adding Referer: http://tplinkwifi.net to the the request, it will be recognized as passing the authentication. NOTE: this is disputed by the Supplier because the response to the API call is only "non-sensitive UI initialization variables."
Technical Details
- Published
- 2/18/2025
Frequently Asked Questions
What is CVE-2024-57049?
A vulnerability in the TP-Link Archer c20 router with firmware version V6.6_230412 and earlier permits unauthorized individuals to bypass the authentication of some interfaces under the /cgi directory. When adding Referer: http://tplinkwifi.net to the the request, it will be recognized as passing the authentication. NOTE: this is disputed by the Supplier because the response to the API call is only "non-sensitive UI initialization variables."
Is CVE-2024-57049 actively exploited?
Active exploitation of CVE-2024-57049 has not been confirmed. The EPSS score is 48.8%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2024-57049?
CVE-2024-57049 has a CVSS v3 base score of 9.8 (CRITICAL severity).
Is CVE-2024-57049 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.