Er7206 Firmware@1.3.0 Security Vulnerabilities and Issues — Er7206 Firmware@1.3.0 CVE List

Lucene search

Tp-linkEr7206 Firmware1.3.0

8 matches found

CVE•added 2024/02/06 5:15 p.m.•43 views

CVE-2023-47617

A post authentication command injection vulnerability exists when configuring the web group member of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request ...

7.2CVSS7.3AI score0.00449EPSS

CVE•added 2024/02/06 5:15 p.m.•35 views

CVE-2023-46683

A post authentication command injection vulnerability exists when configuring the wireguard VPN functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection . An attacker can make an authenticated H...

7.2CVSS7.2AI score0.00449EPSS

CVE•added 2024/02/06 5:15 p.m.•33 views

CVE-2023-47167

A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to tri...

7.2CVSS7.3AI score0.00449EPSS

CVE•added 2024/02/06 5:15 p.m.•33 views

CVE-2023-47209

A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to t...

7.2CVSS7.3AI score0.00449EPSS

CVE•added 2024/02/06 5:15 p.m.•32 views

CVE-2023-47618

A post authentication command execution vulnerability exists in the web filtering functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to ...

7.2CVSS7.2AI score0.00154EPSS

CVE•added 2024/02/06 5:15 p.m.•30 views

CVE-2023-36498

A post-authentication command injection vulnerability exists in the PPTP client functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to tr...

7.2CVSS7.3AI score0.00449EPSS

CVE•added 2024/02/06 5:15 p.m.•30 views

CVE-2023-42664

A post authentication command injection vulnerability exists when setting up the PPTP global configuration of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP ...

7.2CVSS7.3AI score0.00463EPSS

CVE•added 2024/02/06 5:15 p.m.•29 views

CVE-2023-43482

A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulner...

7.2CVSS7.1AI score0.02589EPSS