3 matches found
CVE-2023-47167
A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...
CVE-2023-47167
A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to...
CVE-2023-47167
Summary (concrete details from sources): CVE-2023-47167 affects the Tp-Link ER7206 Omada Gigabit VPN Router (version 1.3.0 build 20230322 Rel.70591). A post-authentication vulnerability exists in the GRE policy functionality via the device’s web interface (uhttpd). A specially crafted HTTP POST r...