Published: 06/02/2024 Updated: 09/02/2024

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 0

A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tp-link er7206_firmware 1.3.0

Check Point Reference: CPAI-2023-1580 Date Published: 12 Mar 2024 Severity: High ...

TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability

CVE-2023-43482 TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability SUMMARY A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 130 build 20230322 Rel70591 A specially crafted HTTP request can lead to arbitrary command execution An attacker can make an authenticated H

CWE-78 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1850 https://nvd.nist.gov https://github.com/Mr-xn/CVE-2023-43482 https://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2023-1580.html

CVE-2023-43482

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect