Security Advisory

CVE-2023-47209

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-06 16:20:14

Last updated 2025-11-04 18:19:02

Assigner talos

State PUBLISHED

Description

A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗