Filtered by vendor Tp-link Subscriptions
Filtered by product Er7206 Firmware Subscriptions
Total 8 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-47618 1 Tp-link 2 Er7206, Er7206 Firmware 2024-11-21 7.2 High
A post authentication command execution vulnerability exists in the web filtering functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2023-47617 1 Tp-link 2 Er7206, Er7206 Firmware 2024-11-21 7.2 High
A post authentication command injection vulnerability exists when configuring the web group member of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2023-47209 1 Tp-link 2 Er7206, Er7206 Firmware 2024-11-21 7.2 High
A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2023-47167 1 Tp-link 2 Er7206, Er7206 Firmware 2024-11-21 7.2 High
A post authentication command injection vulnerability exists in the GRE policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2023-46683 1 Tp-link 2 Er7206, Er7206 Firmware 2024-11-21 7.2 High
A post authentication command injection vulnerability exists when configuring the wireguard VPN functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection . An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2023-43482 1 Tp-link 2 Er7206, Er7206 Firmware 2024-11-21 7.2 High
A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2023-42664 1 Tp-link 2 Er7206, Er7206 Firmware 2024-11-21 7.2 High
A post authentication command injection vulnerability exists when setting up the PPTP global configuration of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2023-36498 1 Tp-link 2 Er7206, Er7206 Firmware 2024-11-21 7.2 High
A post-authentication command injection vulnerability exists in the PPTP client functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability and gain access to an unrestricted shell.