CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-37284

Improper authentication vulnerability in Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616' allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command via a crafted request to bypass authentication.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 3.8%

CVSS Severity

CVSS v3 Score 8.8

References

https://jvn.jp/en/vu/JVNVU99392903/
https://www.tp-link.com/jp/support/download/archer-c20/v1/#Firmware
https://jvn.jp/en/vu/JVNVU99392903/
https://www.tp-link.com/jp/support/download/archer-c20/v1/#Firmware

Products affected by CVE-2023-37284

Tp-Link » Archer C20 » Version: 1

cpe:2.3:h:tp-link:archer_c20:1
Tp-Link » Archer C20 Firmware » Version: 150707

cpe:2.3:o:tp-link:archer_c20_firmware:150707

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37284

Products

Pricing

Contact Us