1 results (0.004 seconds)
CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 0
CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 0CVE-2024-38471
https://notcve.org/view.php?id=CVE-2024-38471
04 Jul 2024 — Multiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by restoring a crafted backup file. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi. Múltiples productos TP-LINK permiten a un atacante adyacente a la red con privilegios administrativos ejecutar comandos arbitrarios del sistema operativo mediante la restauración de un archivo de copia de seguridad manipulado. El dispositivo afectado,... • https://jvn.jp/en/vu/JVNVU99784493 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •