Lucene search

[email protected]CVE-2019-13650

HistoryOct 24, 2019 - 3:15 p.m.

CVE-2019-13650

2019-10-2415:15:00

CWE-78

[email protected]

web.nvd.nist.gov

cve-2019-13650

tp-link

m7350

os command injection

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.4%

JSON

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5).

CPENameOperatorVersion
tp-link:m7350_firmwaretp-link m7350 firmwarele1.0.16

CPE	Name	Operator	Version
tp-link:m7350_firmware	tp-link m7350 firmware	le	1.0.16

References

pastebin.com/yAxBFe05

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.4%

JSON

Related for CVE-2019-13650

cvelist1 prion1