CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39471

TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ated_tp service. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21825.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.9%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2023-39471

Tp-Link » Tl-Wr840n » Version: 6.20

cpe:2.3:h:tp-link:tl-wr840n:6.20
Tp-Link » Tl-Wr841n » Version: v14

cpe:2.3:h:tp-link:tl-wr841n:v14
Tp-Link » Tl-Wr840n Firmware » Version: N/A

cpe:2.3:o:tp-link:tl-wr840n_firmware:-
Tp-Link » Tl-Wr840n Firmware » Version: 0.9.1

cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1
Tp-Link » Tl-Wr840n Firmware » Version: 0.9.1.4.16

cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1.4.16
Tp-Link » Tl-Wr840n Firmware » Version: 0.9.1_3.16

cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1_3.16
Tp-Link » Tl-Wr840n Firmware » Version: 0.9.1_4.17_v0001.0

cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1_4.17_v0001.0
Tp-Link » Tl-Wr840n Firmware » Version: 3.13.27

cpe:2.3:o:tp-link:tl-wr840n_firmware:3.13.27
Tp-Link » Tl-Wr840n Firmware » Version: 6.20_180709

cpe:2.3:o:tp-link:tl-wr840n_firmware:6.20_180709
Tp-Link » Tl-Wr840n Firmware » Version: 6_eu_0.9.1_4.16

cpe:2.3:o:tp-link:tl-wr840n_firmware:6_eu_0.9.1_4.16
Tp-Link » Tl-Wr841n Firmware » Version: N/A

cpe:2.3:o:tp-link:tl-wr841n_firmware:-
Tp-Link » Tl-Wr841n Firmware » Version: 0.9.1_4.16

cpe:2.3:o:tp-link:tl-wr841n_firmware:0.9.1_4.16
Tp-Link » Tl-Wr841n Firmware » Version: 0.9.1_4.18

cpe:2.3:o:tp-link:tl-wr841n_firmware:0.9.1_4.18
Tp-Link » Tl-Wr841n Firmware » Version: 150310

cpe:2.3:o:tp-link:tl-wr841n_firmware:150310
Tp-Link » Tl-Wr841n Firmware » Version: 150616

cpe:2.3:o:tp-link:tl-wr841n_firmware:150616
Tp-Link » Tl-Wr841n Firmware » Version: 201216

cpe:2.3:o:tp-link:tl-wr841n_firmware:201216
Tp-Link » Tl-Wr841n Firmware » Version: 230506

cpe:2.3:o:tp-link:tl-wr841n_firmware:230506
Tp-Link » Tl-Wr841n Firmware » Version: 3.13.9

cpe:2.3:o:tp-link:tl-wr841n_firmware:3.13.9
Tp-Link » Tl-Wr841n Firmware » Version: 3.16.9

cpe:2.3:o:tp-link:tl-wr841n_firmware:3.16.9
Tp-Link » Tl-Wr841n Firmware » Version: 4.17.16_build_120201_rel.54750n

cpe:2.3:o:tp-link:tl-wr841n_firmware:4.17.16_build_120201_rel.54750n

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39471

Products

Pricing

Contact Us