CVE-2023-43138

TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tp-link:tl-er5120g_firmware:2.0.0:build_210817:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-er5120g:4.0:*:*:*:*:*:*:*

History

21 Nov 2024, 08:23

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-20 20:15

Updated : 2024-11-21 08:23


NVD link : CVE-2023-43138

Mitre link : CVE-2023-43138

CVE.ORG link : CVE-2023-43138


JSON object : View

Products Affected

tp-link

  • tl-er5120g
  • tl-er5120g_firmware
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')