cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21827,https://securityvulnerability.io/vulnerability/CVE-2024-21827,Leftover Debug Code Vulnerability Allows Arbitrary Command Execution,The Tp-Link ER7206 Omada Gigabit VPN Router contains a leftover debug code vulnerability in its cli_server debug functionality. Attackers can exploit this weakness by sending carefully crafted network requests that may lead to arbitrary command execution on the device. This flaw underscores the importance of immediate updates and security measures to safeguard against potential exploitation.,Tp-link,Er7206 Omada Gigabit Vpn Router,7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-25T14:01:26.644Z,0
CVE-2023-43482,https://securityvulnerability.io/vulnerability/CVE-2023-43482,Arbitrary Command Execution Vulnerability in Tp-Link Omada Gigabit VPN Router,"A vulnerability exists within the guest resource functionality of the Tp-Link ER7206 Omada Gigabit VPN Router that could allow an attacker to execute arbitrary commands. This flaw is triggered through specially crafted HTTP requests made by an authenticated user. Exploitation of this vulnerability may lead to unauthorized command execution, posing a significant risk to the integrity and security of affected systems. Users are strongly advised to implement appropriate security measures to mitigate potential threats.",Tp-Link,ER7206 Omada Gigabit VPN Router,7.2,HIGH,0.0004199999966658652,false,,false,false,true,2024-03-31T11:04:34.000Z,true,false,false,,2024-02-06T16:20:15.812Z,0
CVE-2023-36498,https://securityvulnerability.io/vulnerability/CVE-2023-36498,Post-Authentication Command Injection Vulnerability Affects Tp-Link ER7206 Omada Gigabit VPN Router,"A command injection vulnerability is present in the PPTP client functionality of the Tp-Link ER7206 Omada Gigabit VPN Router. This vulnerability can be exploited through a specially crafted HTTP request made by an authenticated user, leading to arbitrary command execution. An attacker could leverage this flaw to gain unauthorized access to an unrestricted command shell, potentially compromising the integrity and security of the device.",Tp-Link,ER7206 Omada Gigabit VPN Router,7.2,HIGH,0.0009500000160187483,false,,false,false,false,,,false,false,,2024-02-06T16:20:15.386Z,0
CVE-2023-47209,https://securityvulnerability.io/vulnerability/CVE-2023-47209,Post-Authentication Command Injection Vulnerability Affects Tp-Link ER7206 Omada Gigabit VPN Router,"A post authentication command injection vulnerability exists in the ipsec policy functionality of the Tp-Link ER7206 Omada Gigabit VPN Router, specifically in version 1.3.0 build 20230322 Rel.70591. The vulnerability arises when an attacker sends a specially crafted HTTP request after successful authentication, leading to potential execution of arbitrary commands. This can compromise the integrity and security of the device and the network it manages. Organizations using this router must apply security practices to mitigate risks associated with this flaw.",Tp-Link,ER7206 Omada Gigabit VPN Router,7.2,HIGH,0.0009500000160187483,false,,false,false,false,,,false,false,,2024-02-06T16:20:14.973Z,0
CVE-2023-47167,https://securityvulnerability.io/vulnerability/CVE-2023-47167,Post-Authentication Command Injection Vulnerability Affects Tp-Link ER7206 Omada Gigabit VPN Router,"A post authentication command injection vulnerability exists in the GRE policy functionality of the Tp-Link ER7206 Omada Gigabit VPN Router. By sending a specially crafted HTTP request, an attacker can exploit this vulnerability to execute arbitrary commands on the affected device. This unauthorized command injection can lead to compromised system integrity and unauthorized access to network resources. Users are advised to apply security patches and closely monitor their network devices to mitigate potential risks associated with this vulnerability.",Tp-Link,ER7206 Omada Gigabit VPN Router,7.2,HIGH,0.0009500000160187483,false,,false,false,false,,,false,false,,2024-02-06T16:20:14.536Z,0
CVE-2023-42664,https://securityvulnerability.io/vulnerability/CVE-2023-42664,Post Authentication Command Injection Vulnerability in Tp-Link ER7206 Omada Gigabit VPN Router,"A post authentication command injection vulnerability exists in the setup of the PPTP global configuration for the Tp-Link ER7206 Omada Gigabit VPN Router. By sending a specially crafted HTTP request, an attacker with valid credentials can exploit this vulnerability to execute arbitrary commands on the affected device. This could lead to unauthorized access or control over the router's functionalities, compromising the security of the network it protects.",Tp-Link,ER7206 Omada Gigabit VPN Router,7.2,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2024-02-06T16:20:13.968Z,0
CVE-2023-46683,https://securityvulnerability.io/vulnerability/CVE-2023-46683,Post-Authentication Command Injection Vulnerability Affects Tp-Link ER7206 Omada Gigabit VPN Router,"A vulnerability exists in the Tp-Link ER7206 Omada Gigabit VPN Router where an authenticated user can exploit a flaw related to command injection during the configuration of the WireGuard VPN functionality. Specifically, by sending a specially crafted HTTP request, an attacker can execute arbitrary commands on the router, potentially compromising the device's integrity and security. This vulnerability highlights the importance of secure configurations and proper input validation in network devices.",Tp-link,Er7206 Omada Gigabit Vpn Router,7.2,HIGH,0.0009500000160187483,false,,false,false,false,,,false,false,,2024-02-06T16:20:13.525Z,0
CVE-2023-47617,https://securityvulnerability.io/vulnerability/CVE-2023-47617,Post-Authentication Command Injection Vulnerability in Tp-Link Omada Gigabit VPN Router,"A post authentication command injection vulnerability exists in the configuration of the web group member for the Tp-Link ER7206 Omada Gigabit VPN Router. This vulnerability allows an attacker to send specially crafted HTTP requests that can lead to arbitrary command injection. Successful exploitation of this issue requires authentication, but once exploited, it enables an attacker to execute unauthorized commands on the affected device. Users of the affected products should prioritize reviewing their configurations and apply applicable patches to mitigate the risk associated with this vulnerability.",Tp-link,Er7206 Omada Gigabit Vpn Router,7.2,HIGH,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-02-06T16:20:13.079Z,0
CVE-2023-47618,https://securityvulnerability.io/vulnerability/CVE-2023-47618,Post-Authentication Command Execution Vulnerability in Tp-Link Omada Gigabit VPN Router,"A significant security flaw in the web filtering functionality of the Tp-Link ER7206 Omada Gigabit VPN Router allows for post authentication command execution. By sending a specially crafted HTTP request, attackers with valid credentials can exploit this vulnerability to execute arbitrary commands on the affected device. The issue underscores the importance of securing routers and ensuring that all configurations and updates are routinely monitored for potential threats.",Tp-Link,ER7206 Omada Gigabit VPN Router,7.2,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-02-06T16:20:12.604Z,0