Exploit for #VU86209 OS Command Injection in ER7206

Cybersecurity Help s.r.o.

Published: 2024-06-21

Vulnerability identifier: #VU86209

Vulnerability risk: Low

CVSSv4.0: 7.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2023-43482

CWE-ID: CWE-78

Exploitation vector: Network

Exploits in database: 1

June 21, 2024
- CVE-2023-43482 (TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability) [Github]

Vulnerable software:
ER7206
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: TP-Link