The vulnerability of the tddpd function in the Enable_test_mode microprogramming system of Tp-Link wireless access points Tp-Link AC1350 and Tp-Link N300 allows a hacker to execute arbitrary commands.

🗓️ 19 Apr 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

The tddpd vulnerability in Tp-Link Enable_test_mode allows remote arbitrary command execution on Tp-Link AC1350 and N300.

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2023-49133	11 Apr 202408:52	–	circl
CNNVD	TP-LINK AC1350 命令注入漏洞	9 Apr 202400:00	–	cnnvd
CNVD	TP-LINK AC1350 and N300 Command Injection Vulnerability	11 Apr 202400:00	–	cnvd
CVE	CVE-2023-49133	9 Apr 202414:12	–	cve
Cvelist	CVE-2023-49133	9 Apr 202414:12	–	cvelist
EUVD	EUVD-2023-53141	3 Oct 202520:07	–	euvd
NVD	CVE-2023-49133	9 Apr 202415:15	–	nvd
OSV	CVE-2023-49133	9 Apr 202415:15	–	osv
Positive Technologies	PT-2023-9017 · Tp Link · Eap225 V3 +1	11 Dec 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-49133	9 Jan 202608:59	–	redhatcve

Source	Link
tp-link	www.tp-link.com/us/support/download/eap115/v4/
tp-link	www.tp-link.com/us/support/download/eap225/v3/
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2023-1862
web	www.web.nvd.nist.gov/view/vuln/detail
talosintelligence	www.talosintelligence.com/reports/TALOS-2023-1862

19 Apr 2024 00:00Current

7.5High risk

Vulners AI Score7.5

CVSS 27.6

CVSS 38.1

EPSS0.00679

tddpd function enable test mode tp-link ac1350 tp-link n300 remote command execution unverified area