Request a Demo
Rewterz
Rewterz Threat Advisory – CVE-2024-23673 – Apache Sling Servlets Resolver Vulnerability
February 7, 2024
Rewterz
Rewterz Threat Alert – HijackLoader 2.0: Deciphering Advanced Evasion Techniques – Active IOCs
February 8, 2024

Rewterz Threat Advisory – Multiple TP-Link ER7206 Router Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-47209 CVSS:7.2

TP-Link ER7206 Omada Gigabit VPN Router could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the ipsec policy function. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2023-46683 CVSS:7.2

TP-Link ER7206 Omada Gigabit VPN Router could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the ipsec policy function. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2023-36498 CVSS:7.2

TP-Link ER7206 Omada Gigabit VPN Router could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the PPTP client function. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2023-43482 CVSS:7.2

TP-Link ER7206 Omada Gigabit VPN Router could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the guest resource function. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2023-47167 CVSS:7.2

TP-Link ER7206 Omada Gigabit VPN Router could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the GRE policy function. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2023-47617 CVSS:7.2

TP-Link ER7206 Omada Gigabit VPN Router could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw when configuring the web group member. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2023-42664 CVSS:7.2

TP-Link ER7206 Omada Gigabit VPN Router could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw when setting up the PPTP global configuration. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2023-47618 CVSS:7.2

TP-Link ER7206 Omada Gigabit VPN Router could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the web filtering function. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

Impact

  • Gain Access

Indicators Of Compromise

CVE

  • CVE-2023-47209
  • CVE-2023-46683
  • CVE-2023-36498
  • CVE-2023-43482
  • CVE-2023-47167
  • CVE-2023-47617
  • CVE-2023-42664
  • CVE-2023-47618

Affected Vendors

TP-Link

Affected Products

  • TP-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591

Remediation

Refer to TP-Link Website for patch, upgrade, or suggested workaround information.

TP-Link Website