чной Code Injection Vulnerability Affects TP-Link Routers
CVE-2023-39471
7.5HIGH
What is CVE-2023-39471?
The TP-Link TL-WR841N router is vulnerable to a command injection issue within the ated_tp service, which permits network-adjacent attackers to execute arbitrary code on affected installations. The vulnerability stems from insufficient validation of user input before it is utilized in system calls. Notably, exploitation of this flaw does not require authentication, potentially allowing unauthorized users to run arbitrary code with root privileges. This significantly compromises the integrity and security of the affected devices.
Affected Version(s)
TL-WR841N 4.19