Описание
A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Ссылки
- ExploitTechnical DescriptionThird Party Advisory
- ExploitTechnical DescriptionThird Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
7.2 High
CVSS3
Дефекты
Связанные уязвимости
A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Уязвимость веб-сервера uHTTPd микропрограммного обеспечения VPN-маршрутизатора TP-Link ER7206 Omada, позволяющая нарушителю выполнить произвольные команды
EPSS
7.2 High
CVSS3