Tp-Link Tl-Er5120G Firmware vulnerabilities
3 known vulnerabilities affecting tp-link/tl-er5120g_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2023-43137P2HIGHCVSS 8.8v2.0.02023-09-20
CVE-2023-43137 [HIGH] CWE-77 CVE-2023-43137: TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an a
TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds ACL rules after authentication, and the rule name parameter has injection points.
nvd
CVE-2023-43138P2HIGHCVSS 8.8v2.0.02023-09-20
CVE-2023-43138 [HIGH] CWE-77 CVE-2023-43138: TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an a
TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point.
nvd
CVE-2023-43135P3CRITICALCVSS 9.8v2.0.02023-09-20
CVE-2023-43135 [CRITICAL] CWE-862 CVE-2023-43135: There is an unauthorized access vulnerability in TP-LINK ER5120G 4.0 2.0.0 Build 210817 Rel.80868n,
There is an unauthorized access vulnerability in TP-LINK ER5120G 4.0 2.0.0 Build 210817 Rel.80868n, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.
nvd