Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-36489

UNKNOWN
Published 2023-09-06T09:35:41.575Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-36489. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

TP-LINK

TL-WR802N

Affected Versions:

firmware versions prior to 'TL-WR802N(JP)_V4_221008'
TP-LINK

TL-WR841N

Affected Versions:

firmware versions prior to 'TL-WR841N(JP)_V14_230506'
TP-LINK

TL-WR902AC

Affected Versions:

firmware versions prior to 'TL-WR902AC(JP)_V3_230506'
tp-link

tl-wr802n_firmware

Affected Versions:

221008
tp-link

tl-wr841n_firmware

Affected Versions:

0
tp-link

tl-wr902ac_firmware

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-qcp8-w359-4v36

Advisory Details

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-36489
WEB https://jvn.jp/en/vu/JVNVU99392903
WEB https://www.tp-link.com/jp/support/download/tl-wr802n/#Firmware
WEB https://www.tp-link.com/jp/support/download/tl-wr841n/v14/#Firmware
WEB https://www.tp-link.com/jp/support/download/tl-wr902ac/#Firmware

Advisory provided by GitHub Security Advisory Database. Published: September 6, 2023, Modified: April 4, 2024

References

https://www.tp-link.com/jp/support/download/tl-wr802n/#Firmware
https://www.tp-link.com/jp/support/download/tl-wr841n/v14/#Firmware
https://www.tp-link.com/jp/support/download/tl-wr902ac/#Firmware
https://jvn.jp/en/vu/JVNVU99392903/
Published: 2023-09-06T09:35:41.575Z
Last Modified: 2024-09-26T20:03:19.698Z
Copied to clipboard!