VYPR
Unrated severityNVD Advisory· Published Sep 6, 2023· Updated Sep 26, 2024

CVE-2023-36489

CVE-2023-36489

Description

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • TP-Link/Tl Wr841nllm-fuzzy2 versions
    < 'TL-WR841N(JP)_V14_230506'+ 1 more
    • (no CPE)range: < 'TL-WR841N(JP)_V14_230506'
    • (no CPE)range: firmware versions prior to 'TL-WR841N(JP)_V14_230506'
  • TP-Link/TL-WR802Nllm-fuzzy2 versions
    < 'TL-WR802N(JP)_V4_221008'+ 1 more
    • (no CPE)range: < 'TL-WR802N(JP)_V4_221008'
    • (no CPE)range: firmware versions prior to 'TL-WR802N(JP)_V4_221008'
  • TP-Link/TL-WR902ACllm-fuzzy2 versions
    < 'TL-WR902AC(JP)_V3_230506'+ 1 more
    • (no CPE)range: < 'TL-WR902AC(JP)_V3_230506'
    • (no CPE)range: firmware versions prior to 'TL-WR902AC(JP)_V3_230506'

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.