CVE-2023-31188

🗓️ 06 Sep 2023 09:28:18Reported by jpcertType

TP-LINK products vulnerability allows OS command executio

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of TP-Link Archer C20, Archer C55, and Archer C50 router microprogramming software lies in the lack of measures to neutralize special elements, allowing attackers to execute arbitrary commands.	14 Sep 202300:00	–	bdu_fstec
Circl	CVE-2023-31188	6 Sep 202314:17	–	circl
CNNVD	TP-LINK Archer C50 OS Command Injection Vulnerability	6 Sep 202300:00	–	cnnvd
Cvelist	CVE-2023-31188	6 Sep 202309:28	–	cvelist
EUVD	EUVD-2023-35504	3 Oct 202520:07	–	euvd
NVD	CVE-2023-31188	6 Sep 202310:15	–	nvd
OSV	CVE-2023-31188	6 Sep 202310:15	–	osv
Prion	Design/Logic Flaw	6 Sep 202310:15	–	prion
Positive Technologies	PT-2023-5043 · Tp Link · Archer C50 +2	25 May 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-31188	9 Jan 202612:32	–	redhatcve

NVD

Node

tp-link archer_c55_firmwareRange<230506

AND

tp-link archer_c55Match-

Node

tp-link archer_c50_v3_firmwareRange<230505

AND

tp-link archer_c50_v3Match-

[
  {
    "vendor": "TP-LINK",
    "product": "Archer C50",
    "versions": [
      {
        "version": "firmware versions prior to 'Archer C50(JP)_V3_230505'",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "TP-LINK",
    "product": "Archer C55",
    "versions": [
      {
        "version": "firmware versions prior to 'Archer C55(JP)_V1_230506'",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "TP-LINK",
    "product": "Archer C20",
    "versions": [
      {
        "version": "firmware versions prior to 'Archer C20(JP)_V1_230616'",
        "status": "affected"
      }
    ]
  }
]

Source	Link
tp-link	www.tp-link.com/jp/support/download/archer-c55/
jvn	www.jvn.jp/en/vu/JVNVU99392903/
tp-link	www.tp-link.com/jp/support/download/archer-c50/v3/
tp-link	www.tp-link.com/jp/support/download/archer-c20/v1/

21 Nov 2024 08:01Current

7.9High risk

Vulners AI Score7.9

CVSS 3.18

EPSS0.00092

SSVC

CWE-78