CVE-2023-43482

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Feb 6, 2024

Updated: Feb 9, 2024

CWE ID 78

Summary

CVE-2023-43482 is a critical command execution vulnerability affecting Tp-Link ER7206 Omada Gigabit VPN Routers running version 1.3.0 build 20230322 Rel.70591. A maliciously crafted HTTP request can exploit this weakness, enabling an authenticated attacker to execute arbitrary commands on the router. This vulnerability poses a significant risk, as it could allow unauthorized access, data theft, or even router takeover. Users are strongly advised to update their routers to the latest patched version to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

TP-LINK Technologies Co Ltd

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tT4yc3
https://www.cve.org/CVERecord?id=CVE-2023-43482
https://nvd.nist.gov/vuln/detail/CVE-2023-43482

Back to Vulnerability Database

CVE-2023-43482

CVSS 3.1 Score 7.2 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations