Cache Poisoning Vulnerability in TP-Link AX10v1 Web Interface

Cache Poisoning Vulnerability in TP-Link AX10v1 Web Interface

CVE-2021-41451 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack.

Learn more about our Web App Pen Testing.