8.8 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.0%
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has pre-specified target devices and blocked URLs in parental control settings.
jvn.jp/en/vu/JVNVU91401812/
www.tp-link.com/jp/support/download/archer-air-r5/v1/#Firmware
www.tp-link.com/jp/support/download/archer-ax3000/#Firmware
www.tp-link.com/jp/support/download/archer-ax5400/#Firmware
www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware
www.tp-link.com/jp/support/download/deco-xe200/#Firmware
8.8 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
38.0%