Cyber Resilience

CVE-2023-43482

HighPublic PoCRCE

Published: 06 February 2024

Published
06 February 2024
Modified
04 November 2025
KEV Added
Patch
CVSS Score v3.1 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0555 90.5th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-43482 is a high-severity OS Command Injection (CWE-78) vulnerability in Tp-Link Er7206 Firmware. Its CVSS base score is 7.2 (High).

Operationally, ranked in the top 9.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

A command execution vulnerability exists in the guest resource functionality of the Tp-Link ER7206 Omada Gigabit VPN Router version 1.3.0 build 20230322 Rel.70591. The issue, tracked as CVE-2023-43482 and assigned CWE-78, allows a specially crafted HTTP request to trigger arbitrary command execution and carries a CVSS 3.1 score of 7.2 reflecting network-accessible, low-complexity attack conditions that require high privileges.

An authenticated attacker can send a malicious HTTP request to the affected router and obtain full control over the device, resulting in complete compromise of confidentiality, integrity, and availability. The vulnerability is reachable over the network without user interaction once valid administrative credentials are supplied.

Public references consist of detailed reports published by Cisco Talos under TALOS-2023-1850 that describe the flaw and are the primary source for mitigation guidance and any available patches. The associated EPSS score has remained flat at 0.0555 with no material increase since disclosure.

EU & UK References

Vulnerability details

A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request…

more

to trigger this vulnerability.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

tp-link
er7206 firmware
1.3.0

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-78

Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.

addresses: CWE-78

Validates inputs to block special elements that would alter OS command execution.

References