CVE-2023-33538 under attack for a year, but exploitation still unsuccessful

Security Affairs

Overview

For over a year, hackers have aimed to exploit a serious vulnerability known as CVE-2023-33538, affecting older TP-Link routers. This flaw, which has a high CVSS score of 8.8, allows attackers to execute commands remotely on the devices. Despite the ongoing attempts, researchers have not reported any successful exploitation thus far. This situation is concerning for users of these outdated routers, as the vulnerability could potentially expose them to various cyber threats. It serves as a reminder for users to keep their devices updated and secure against known vulnerabilities.

Key Takeaways

  • Affected Systems: Older TP-Link routers affected by CVE-2023-33538
  • Action Required: Users are advised to update their routers to the latest firmware version available from TP-Link to mitigate risks associated with this vulnerability.
  • Timeline: Ongoing for over a year

Original Article Summary

Hackers have targeted the CVE-2023-33538 flaw in old TP-Link routers for a year, but no successful exploitation has been seen so far. Hackers have been trying for over a year to exploit a serious flaw, tracked as CVE-2023-33538 (CVSS score of 8.8), in outdated TP-Link routers, but so far without success. The vulnerability is a command […]

Impact

Older TP-Link routers affected by CVE-2023-33538

Exploitation Status

No successful exploitation has been reported at this time, although attackers have been attempting to exploit the flaw for over a year. Organizations should still apply patches promptly, as proof-of-concept code may exist.

Timeline

Ongoing for over a year

Remediation

Users are advised to update their routers to the latest firmware version available from TP-Link to mitigate risks associated with this vulnerability.


Related Coverage

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

SecurityWeek

Forescout researchers have identified 20 vulnerabilities in products from Lantronix and Silex, specifically targeting serial-to-IP converters commonly used in operational technology (OT) and healthcare systems. These flaws could allow attackers to gain unauthorized access, potentially compromising sensitive systems that rely on these devices for communication and control. The vulnerabilities pose a significant risk, as they can affect critical infrastructure and patient safety. Organizations using these converters should take immediate action to assess their systems and implement security measures to mitigate potential attacks. The research provides theoretical attack scenarios that illustrate the potential consequences of these flaws, emphasizing the need for vigilance in securing such devices.

Apr 20, 2026

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

Infosecurity Magazine

FortiGuard Labs has reported that attackers are exploiting a command injection vulnerability (CVE-2024-3721) in TBK DVR devices, utilizing it to deploy a Mirai-based botnet. This vulnerability allows unauthorized commands to be executed on the affected devices, potentially turning them into part of a larger network of compromised devices. Users of TBK DVR systems should be particularly vigilant, as this exploitation could lead to significant disruptions or unauthorized access to their networks. The presence of this botnet in the wild raises concerns about the broader implications for IoT security and the need for manufacturers to address such vulnerabilities swiftly. It’s crucial for users to stay informed and take appropriate action to protect their devices.

Apr 20, 2026

Hackers Abuse QEMU for Defense Evasion

SecurityWeek

Hackers have been exploiting the QEMU machine emulator in at least two separate campaigns aimed at deploying ransomware and remote access tools. This abuse allows attackers to bypass security measures, making it harder for organizations to detect their malicious activities. The implications are significant, as this could potentially lead to data breaches and unauthorized access to sensitive information. Companies using QEMU should be vigilant and assess their defenses against these types of attacks to safeguard their systems. Researchers are urging affected organizations to review their security protocols and update their defenses accordingly.

Apr 20, 2026

Bluesky Disrupted by Sophisticated DDoS Attack

SecurityWeek

Bluesky, a social media platform, was hit by a significant distributed denial-of-service (DDoS) attack that lasted around 24 hours. A pro-Iran hacker group has claimed responsibility for this disruption. Users experienced difficulties accessing the platform during the attack, impacting their ability to communicate and interact online. This incident raises concerns about the security of social media platforms and the potential for politically motivated cyberattacks to affect users worldwide. As cyber threats become more sophisticated, it emphasizes the need for companies to bolster their defenses against such attacks.

Apr 20, 2026

Senate Extends Surveillance Powers Until April 30 After Chaotic Votes in House

SecurityWeek

The Senate has approved a short-term extension of a controversial surveillance program used by U.S. intelligence agencies, allowing it to remain in effect until April 30. This decision comes after a series of contentious votes in the House, where lawmakers debated the implications of the program on privacy and civil liberties. The surveillance powers in question are part of a broader debate about national security and the balance between safety and individual rights. Critics argue that such programs can infringe on personal privacy, while supporters claim they are essential for national security. This extension reflects ongoing tensions in Congress over how to handle surveillance in an increasingly digital age.

Apr 20, 2026

Third-party AI hack triggers Vercel breach, internal environments accessed

Security Affairs

Vercel experienced a security breach due to a compromise of a third-party AI tool called Context.ai, which was being used by one of its employees. The breach occurred when attackers gained access to the employee's Google Workspace account, enabling them to infiltrate limited internal systems and access non-sensitive data. While the breach did not expose highly sensitive information, it raises concerns about the security of third-party tools and their impact on corporate networks. Vercel has reported this incident, and it serves as a reminder for companies to scrutinize the security measures of any external tools they integrate into their operations. Users and organizations relying on third-party applications must remain vigilant to protect their data and systems.

Apr 20, 2026