Improper authentication vulnerability in Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616' allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command via a crafted request to bypass authentication.
oryginał ENCVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTp Link Archer C20
HWTp-Link1Tp Link Archer C20 Firmware
OSTp-Link< 230616
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Powiązane podatności
CVE-2026-0834HIGH7.2ten sam produkt
Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 (TDDP module) allows una...
CVE-2023-30383HIGH7.5ten sam produkt
TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C...
CVE-2025-15551MEDIUM5.9ten sam produkt
The response coming from TP-Link Archer MR200 v5.2, C20 v5 and v6, TL-WR850N v3, and TL-WR845N v4 for any requ...
CVE-2025-6542CRITICAL9.3PL ✓ten sam vendor
Zdalne wykonanie poleceń OS bez uwierzytelnienia w routerach TP-Link Omada
CVE-2025-7850CRITICAL9.3PL ✓ten sam vendor
Command injection w bramkach Omada (TP-Link) po uwierzytelnieniu admina