Security Advisory

CVE-2023-46683

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-06 16:20:13

Last updated 2025-11-04 18:18:47

Assigner talos

State PUBLISHED

Description

A post authentication command injection vulnerability exists when configuring the wireguard VPN functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection . An attacker can make an authenticated HTTP request to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗