Описание
Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command.
Ссылки
- Third Party Advisory
- Product
- Product
- Third Party Advisory
- Product
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 230506 (исключая)
Одновременно
cpe:2.3:o:tp-link:archer_c55_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:archer_c55:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 230505 (исключая)
Одновременно
cpe:2.3:o:tp-link:archer_c50_v3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:archer_c50_v3:-:*:*:*:*:*:*:*
EPSS
Процентиль: 26%
0.00089
Низкий
8.8 High
CVSS3
Дефекты
CWE-798
CWE-798
Связанные уязвимости
CVSS3: 8.8
github
больше 2 лет назад
Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command.
EPSS
Процентиль: 26%
0.00089
Низкий
8.8 High
CVSS3
Дефекты
CWE-798
CWE-798