Er7206 Firmware Security Vulnerabilities and Issues — Er7206 Firmware CVE List

Lucene search

Tp-linkEr7206 Firmware

9 matches found

CVE•added 2024/06/25 2:15 p.m.•49 views

CVE-2024-21827

A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger ...

7.2CVSS7.3AI score0.00112EPSS

CVE•added 2024/02/06 5:15 p.m.•44 views

CVE-2023-47617

A post authentication command injection vulnerability exists when configuring the web group member of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request ...

7.2CVSS7.3AI score0.00781EPSS

CVE•added 2024/02/06 5:15 p.m.•36 views

CVE-2023-46683

A post authentication command injection vulnerability exists when configuring the wireguard VPN functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection . An attacker can make an authenticated H...

7.2CVSS7.2AI score0.00781EPSS

CVE•added 2024/02/06 5:15 p.m.•35 views

CVE-2023-47209

A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to t...

7.2CVSS7.3AI score0.00781EPSS

CVE•added 2024/02/06 5:15 p.m.•35 views

CVE-2023-47618

A post authentication command execution vulnerability exists in the web filtering functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to ...

7.2CVSS7.2AI score0.00251EPSS

CVE•added 2024/02/06 5:15 p.m.•34 views

CVE-2023-47167

A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to tri...

7.2CVSS7.3AI score0.00752EPSS

CVE•added 2024/02/06 5:15 p.m.•32 views

CVE-2023-42664

A post authentication command injection vulnerability exists when setting up the PPTP global configuration of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP ...

7.2CVSS7.3AI score0.00805EPSS

CVE•added 2024/02/06 5:15 p.m.•32 views

CVE-2023-43482

A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulner...

7.2CVSS7.1AI score0.03117EPSS

CVE•added 2024/02/06 5:15 p.m.•31 views

CVE-2023-36498

A post-authentication command injection vulnerability exists in the PPTP client functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to tr...

7.2CVSS7.3AI score0.00781EPSS