57 matches found
EUVD-2023-47897
Malicious code in bioql PyPI...
EUVD-2023-51728
Malicious code in bioql PyPI...
EUVD-2023-51729
Malicious code in bioql PyPI...
EUVD-2024-19439
Malicious code in bioql PyPI...
EUVD-2023-40447
Malicious code in bioql PyPI...
EUVD-2023-51301
Malicious code in bioql PyPI...
CVE-2023-47167
A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...
CVE-2023-36498
A post-authentication command injection vulnerability exists in the PPTP client functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...
CVE-2023-42664
A post authentication command injection vulnerability exists when setting up the PPTP global configuration of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTT...
CVE-2023-46683
A post authentication command injection vulnerability exists when configuring the wireguard VPN functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection . An attacker can make an authenticated...
CVE-2023-47209
A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...
CVE-2023-47618
A post authentication command execution vulnerability exists in the web filtering functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request t...
CVE-2023-47617
A post authentication command injection vulnerability exists when configuring the web group member of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP reques...
TP-LINK ER7206 Command Execution Vulnerability
The TP-LINK ER7206 is a multi-function Gigabit router from China P&L TP-LINK. A command execution vulnerability exists in the TP-Link ER7206 Omada Gigabit VPN Router version 1.4.1 Build 20240117, which stems from the presence of residual debugging code that can be exploited by an attacker to caus...
CVE-2024-21827
A leftover debug code vulnerability exists in the cliserver debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger...
CVE-2024-21827
A leftover debug code vulnerability exists in the cliserver debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger...
Tp-Link ER7206 Omada Gigabit VPN Router cli_server debug leftover debug code vulnerability
Talos Vulnerability Report TALOS-2024-1947 Tp-Link ER7206 Omada Gigabit VPN Router cliserver debug leftover debug code vulnerability June 25, 2024 CVE Number CVE-2024-21827 SUMMARY A leftover debug code vulnerability exists in the cliserver debug functionality of Tp-Link ER7206 Omada Gigabit VPN...
TP-LINK ER7206 OS Command Injection Vulnerability (CNVD-2024-13527)
The TP-LINK ER7206 is a multi-function Gigabit router from China P&L TP-LINK. An operating system command injection vulnerability exists in the TP-LINK ER7206 version 1.3.0 build 20230322 Rel.70591, which stems from a specially crafted HTTP request that could lead to arbitrary command injection. ...
TP-LINK ER7206 wireguard VPN Command Injection Vulnerability
The TP-LINK ER7206 is a multi-function Gigabit router from China P&L TP-LINK. The TP-LINK ER7206 wireguard VPN configuration suffers from an input validation vulnerability that can be exploited by a remote attacker to submit a special request that can be used in an application context to execute...
The vulnerability of the uHTTPd web server, a microprogramming-based software for TP-Link ER7206 Omada VPN routers, allows attackers to execute arbitrary commands.
The vulnerability of the uHTTPd web server of the TP-Link ER7206 Omada VPN router exists due to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...