CVE-2023-31756
Published: 19 May 2023
Summary
CVE-2023-31756 is a medium-severity OS Command Injection (CWE-78) vulnerability in Tp-Link Archer Vr1600V Firmware. Its CVSS base score is 6.7 (Medium).
Operationally, ranked in the top 7.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
A command injection vulnerability tracked as CVE-2023-31756 affects the administrative web portal in TP-Link Archer VR1600V devices running firmware versions up to and including 0.1.0 0.9.1 v5006.0 Build 220518 Rel.32480n. The flaw, assigned CWE-78, permits an authenticated administrator to supply crafted input via the X_TP_IfName parameter, resulting in execution of arbitrary operating-system commands on the device. It carries a CVSS 3.1 score of 6.7 under the vector AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.
An attacker who has already obtained valid administrator credentials to the web interface can leverage the injection to open an interactive operating-system shell. This grants the ability to read, modify, or delete files, alter device configuration, and potentially pivot to other systems on the local network. The attack requires prior authentication and local access to the management interface rather than unauthenticated remote exploitation.
The associated EPSS score has remained flat at 0.0770 with no material increase since disclosure. Public references point to a technical advisory describing the issue but contain no vendor-supplied patch or mitigation guidance within the provided details.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-36047
Vulnerability details
A command injection vulnerability exists in the administrative web portal in TP-Link Archer VR1600V devices running firmware Versions <= 0.1.0. 0.9.1 v5006.0 Build 220518 Rel.32480n which allows remote attackers, authenticated to the administrative web portal as an administrator user to…
more
open an operating system level shell via the 'X_TP_IfName' parameter.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.