cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-43137,https://securityvulnerability.io/vulnerability/CVE-2023-43137,Command Injection Vulnerability in TPLINK TL-ER5120G Router,"The TPLINK TL-ER5120G router is susceptible to a command injection vulnerability that arises when an authenticated user adds Access Control List (ACL) rules. Attackers can exploit this flaw by manipulating the rule name parameter, which contains injection points, thereby allowing them to execute arbitrary commands on the device. This vulnerability poses significant risks to the integrity and security of the device's configuration, potentially leading to unauthorized access or a complete compromise of the router.",Tp-link,Tl-er5120g Firmware,8.8,HIGH,0.0011399999493733048,false,false,false,false,,false,false,2023-09-20T00:00:00.000Z,0
CVE-2023-43135,https://securityvulnerability.io/vulnerability/CVE-2023-43135,Unauthorized Access in TP-LINK ER5120G Router,"An unauthorized access vulnerability exists in the TP-LINK ER5120G router, allowing attackers to gain sensitive information without requiring authentication. This flaw can lead to the exposure of user tokens, enabling unauthorized access to the backend management of the device. Consequently, attackers may exploit this vulnerability to manipulate device settings or access sensitive data. It is essential for users of the affected product to implement necessary security measures and follow best practices to mitigate potential risks.",Tp-link,Tl-er5120g Firmware,9.8,CRITICAL,0.007899999618530273,false,false,false,false,,false,false,2023-09-20T00:00:00.000Z,0
CVE-2023-43138,https://securityvulnerability.io/vulnerability/CVE-2023-43138,Command Injection Vulnerability in TPLINK TL-ER5120G Product,"The TPLINK TL-ER5120G device is vulnerable to command injection when an attacker modifies NAPT rules post-authentication. If the rule name contains an injection point, the vulnerability allows unauthorized command execution, potentially compromising the device's integrity and the network it serves.",Tp-link,Tl-er5120g Firmware,8.8,HIGH,0.0011399999493733048,false,false,false,false,,false,false,2023-09-20T00:00:00.000Z,0