Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 07/02/2025 Updated: 07/02/2025

Remote Code Execution in TPLINK TL-WPA 8630 via Command Injection

An issue in TPLINK TL-WPA 8630 TL-WPA8630(US)_V2_2.0.4 Build 20230427 allows a remote malicious user to execute arbitrary code via function sub_4256CC, which allows command injection by injecting 'devpwd'.

A pre-authentication RCE vulnerability and attack script for a TP-Link TL-WPA8630 device

tplink-wpa8630-rce-vulnerability A pre-authentication RCE vulnerability and attack script for a TP-Link TL-WPA8630 device During my internship at QAX Tiangong Lab, I discovered a pre-authentication RCE vulnerability in the TP-Link TL-WPA8630 device Analyze the httpd file in the /usr/bin directory on port 80 There is a command injection vulnerability in the function sub_4256CC,

CWE-78 https://nvd.nist.gov https://github.com/c10uds/tplink-wpa8630-rce-vulnerability https://www.first.org/epss https://github.com/c10uds/tplink-wpa8630-rce-vulnerability https://github.com/c10uds/tplink-wpa8630-rce-vulnerability

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-57357

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect