Lucene search

[email protected]NVD:CVE-2023-31700

HistoryMay 17, 2023 - 2:15 p.m.

CVE-2023-31700

2023-05-1714:15:09

CWE-77

[email protected]

web.nvd.nist.gov

tp-link

tl-wpa4530

command injection

vulnerability

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.8%

JSON

TP-Link TL-WPA4530 KIT V2 (EU)_170406 and V2 (EU)_161115 is vulnerable to Command Injection via _httpRpmPlcDeviceAdd.

Affected configurations

NVD

Node

tp-linktl-wpa4530_kit_firmwareMatch161115

tp-linktl-wpa4530_kit_firmwareMatch170406

AND

tp-linktl-wpa4530_kitMatchv2

References

github.com/FirmRec/IoT-Vulns/blob/main/tp-link/postPlcJson/report.md

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.8%

JSON

Related for NVD:CVE-2023-31700

cve1 cvelist1 prion1