CVE-2023-38568: OS Command Injection
First published: Wed Sep 06 2023(Updated: )
Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504' allows a network-adjacent unauthenticated attacker to execute arbitrary OS commands.
Credit: vultures@jpcert.or.jp vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tp-link Archer A10 Firmware | <230504 | |
| Tp-link Archer A10 | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of Archer A10 firmware?
The vulnerability ID of Archer A10 firmware is CVE-2023-38568.
What is the severity rating of CVE-2023-38568?
The severity rating of CVE-2023-38568 is high (8.8).
How does Archer A10 firmware prior to Archer A10(JP)_V2_230504 allow an attacker to execute arbitrary OS commands?
Archer A10 firmware versions prior to Archer A10(JP)_V2_230504 allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands.
What software versions are affected by CVE-2023-38568?
Archer A10 firmware versions prior to Archer A10(JP)_V2_230504 are affected by CVE-2023-38568.
How can I fix the vulnerability in Archer A10 firmware?
To fix the vulnerability in Archer A10 firmware, update to version Archer A10(JP)_V2_230504 or later.
- collector/nvd-api
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/tp-link
- canonical/tp-link archer a10 firmware
- canonical/tp-link archer a10
- version/tp-link archer a10/2.0