cbcvebase.
CVE-2023-31188
published 2023-09-06

CVE-2023-31188: Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer…

PriorityP347high8CVSS 3.1
AVAACLPRLUINSUCHIHAH
EPSS
0.40%
31.6th percentile
Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505', Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506', and Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616'.

Affected

5 ranges
VendorProductVersion rangeFixed in
tp-linkarcher_c20
tp-linkarcher_c50
tp-linkarcher_c50_v3_firmware< 230505230505
tp-linkarcher_c55
tp-linkarcher_c55_firmware< 230506230506
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.