CVE-2023-37284

Summary

Improper authentication vulnerability in Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616' allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command via a crafted request to bypass authentication.

Affected Software

VendorProductVersion RangeStatus
TP-LINKArcher C20firmware versions prior to 'Archer C20(JP)_V1_230616'affected

Weaknesses

  • Improper authentication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References