Lucene search

K
cve[email protected]CVE-2023-33538
HistoryJun 07, 2023 - 4:15 a.m.

CVE-2023-33538

2023-06-0704:15:10
CWE-77
web.nvd.nist.gov
124
cve-2023-33538
tp-link
tl-wr940n
tl-wr841n
tl-wr740n
v2
v4
v8
v10
v1
v2
command injection
vulnerability
nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

39.7%

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .

Affected configurations

NVD
Node
tp-linktl-wr940n_firmwareMatch-
AND
tp-linktl-wr940nMatch2.0
OR
tp-linktl-wr940nMatch4.0
Node
tp-linktl-wr841n_firmwareMatch-
AND
tp-linktl-wr841nMatch8.0
OR
tp-linktl-wr841nMatch10.0
Node
tp-linktl-wr740n_firmwareMatch-
AND
tp-linktl-wr740nMatch1.0
OR
tp-linktl-wr740nMatch2.0

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

39.7%

Related for CVE-2023-33538