First published: Wed Sep 06 2023(Updated: )
Deco M4 firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619' allows a network-adjacent authenticated attacker to execute arbitrary OS commands.
Credit: vultures@jpcert.or.jp vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Tp-link Deco M4 Firmware | <1.5.8 | |
Tp-link Deco M4 | =2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-40193 is a vulnerability in Deco M4 firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619' that allows a network-adjacent authenticated attacker to execute arbitrary OS commands.
The severity of CVE-2023-40193 is high, with a severity value of 8.
An attacker can exploit CVE-2023-40193 by being network-adjacent and authenticated, allowing them to execute arbitrary OS commands.
Deco M4 firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619' are affected by CVE-2023-40193.
To fix CVE-2023-40193, update your Deco M4 firmware to at least 'Deco M4(JP)_V2_1.5.8 Build 20230619'.