A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HTp Link Er7206
HWTp-Linkwszystkie wersjeTp Link Er7206 Firmware
OSTp-Link1.4.1
Related vulnerabilities
Zdalne wykonanie poleceń OS bez uwierzytelnienia w routerach TP-Link Omada
Command injection w bramkach Omada (TP-Link) po uwierzytelnieniu admina
An attacker may obtain the root shell on the underlying OS system with the restricted conditions on Omada gate...
An arbitrary OS command may be executed on the product by the user who can log in to the web management interf...
A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit V...