CVE-2023-38563

Summary

Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands.

Affected Software

VendorProductVersion RangeStatus
TP-LINKArcher C1200firmware versions prior to 'Archer C1200(JP)_V2_230508'affected
TP-LINKArcher C9firmware versions prior to 'Archer C9(JP)_V3_230508'affected

Weaknesses

  • OS command injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References