PT-2023-5275 · Tp Link · Tp-Link Archer A10
Published
2023-09-06
·
Updated
2023-09-11
·
CVE-2023-38568
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TP-Link Archer A10 firmware versions prior to Archer A10(JP) V2 230504
Description
The issue exists due to the lack of measures to neutralize special elements used in the operating system command. This allows a network-adjacent unauthenticated attacker to execute arbitrary OS commands.
Recommendations
For TP-Link Archer A10 firmware versions prior to Archer A10(JP) V2 230504, update the firmware to version Archer A10(JP) V2 230504 or later to resolve the issue.
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tp-Link Archer A10