A critical security vulnerability (CVE-2023-1389) has been discovered in the TP-Link Archer AX21 (AX1800) Wi-Fi router that could be used for command injection. Attackers use this vulnerability to gain control over routers and include the device in the Mirai botnet.

TP-Link developers fixed the issue in March 2023 with the release of firmware 1.1.4 Build 20230219. TP-Link recommends users to apply updates as soon as possible - tp-link.com.

Source: xakep.ru