CVE-2023-40193

Summary

Deco M4 firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619' allows a network-adjacent authenticated attacker to execute arbitrary OS commands.

Affected Software

VendorProductVersion RangeStatus
TP-LINKDeco M4firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619'affected

Weaknesses

  • OS command injection

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References