Lucene search

[email protected]NVD:CVE-2023-32619

HistorySep 06, 2023 - 10:15 a.m.

CVE-2023-32619

2023-09-0610:15:13

CWE-798

[email protected]

web.nvd.nist.gov

cve-2023-32619

hard-coded credentials

network-adjacent

unauthenticated attacker

arbitrary os command

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.4%

JSON

Archer C50 firmware versions prior to ‘Archer C50(JP)_V3_230505’ and Archer C55 firmware versions prior to ‘Archer C55(JP)_V1_230506’ use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command.

Affected configurations

NVD

Node

tp-linkarcher_c55_firmwareRange<230506

AND

tp-linkarcher_c55Match-

Node

tp-linkarcher_c50_v3_firmwareRange<230505

AND

tp-linkarcher_c50_v3Match-

References

jvn.jp/en/vu/JVNVU99392903/

www.tp-link.com/jp/support/download/archer-c50/v3/#Firmware

www.tp-link.com/jp/support/download/archer-c55/#Firmware

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.4%

JSON

Related for NVD:CVE-2023-32619

cvelist1 cve1 prion1