Lucene search

K
cveJpcertCVE-2023-38588
HistorySep 06, 2023 - 10:15 a.m.

CVE-2023-38588

2023-09-0610:15:14
CWE-78
jpcert
web.nvd.nist.gov
15
archer c3150
firmware
vulnerability
command execution
cve-2023-38588
nvd

CVSS3

8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

0

Percentile

9.6%

Archer C3150 firmware versions prior to ‘Archer C3150(JP)_V2_230511’ allows a network-adjacent authenticated attacker to execute arbitrary OS commands.

Affected configurations

Nvd
Node
tp-linkarcher_c3150_firmwareRange<230511
AND
tp-linkarcher_c3150Match2.0

CNA Affected

[
  {
    "vendor": "TP-LINK",
    "product": "Archer C3150",
    "versions": [
      {
        "version": " firmware versions prior to 'Archer C3150(JP)_V2_230511'",
        "status": "affected"
      }
    ]
  }
]

CVSS3

8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

0

Percentile

9.6%

Related for CVE-2023-38588