CVE-2019-13390 is a vulnerability that affects certain versions of the TP-Link Archer C5 router, which is commonly used in homes and small businesses. The vulnerability allows an attacker with network access to the router's web interface to execute arbitrary commands with administrative privileges. This means that an attacker could potentially take control of the router, intercept traffic, and gain access to devices on the network.
The vulnerability was first reported in August 2019 and was assigned CVE-2019-13390 by the Common Vulnerabilities and Exposures (CVE) system. TP-Link released a firmware update to address the vulnerability in September 2019, but it was reported that many users did not update their routers, leaving them vulnerable. In May 2020, a security researcher published a proof-of-concept exploit for the vulnerability, highlighting the importance of updating firmware to protect against such attacks.
Following the publication of the exploit, TP-Link issued a public statement urging users to update their firmware and provided instructions on how to do so. While the vulnerability only affects certain versions of the Archer C5 router, it serves as a reminder of the importance of keeping all software and devices up-to-date to protect against potential vulnerabilities and attacks.