CVE-2023-39224 - Vulnerability Details - OpenCVE

Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Tp-link	Archer C5 Archer C7 Archer C7 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:tp-link:archer_c7_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:archer_c7:2.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://jvn.jp/en/vu/JVNVU99392903/
https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware

History

Thu, 26 Sep 2024 21:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tp-link archer C5
CPEs		cpe:2.3:h:tp-link:archer_c5:-:::::::* cpe:2.3:o:tp-link:archer_c7_firmware:-:::::::*
Vendors & Products		Tp-link archer C5
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2023-09-06T09:22:59.282Z

Updated: 2024-09-26T20:13:06.770Z

Reserved: 2023-08-15T07:33:33.886Z

Link: CVE-2023-39224

Vulnrichment

Updated: 2024-08-02T18:02:06.563Z

NVD

Status : Modified

Published: 2023-09-06T10:15:14.587

Modified: 2024-11-21T08:14:56.990

Link: CVE-2023-39224

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-39224", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2023-08-15T07:33:33.886Z", "datePublished": "2023-09-06T09:22:59.282Z", "dateUpdated": "2024-09-26T20:13:06.770Z"}, "containers": {"cna": {"affected": [{"vendor": "TP-LINK", "product": "Archer C5", "versions": [{"version": "firmware all versions", "status": "affected"}]}, {"vendor": "TP-LINK", "product": "Archer C7", "versions": [{"version": "firmware versions prior to 'Archer C7(JP)_V2_230602'", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided."}], "problemTypes": [{"descriptions": [{"description": "OS command injection", "lang": "en", "type": "text"}]}], "references": [{"url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware"}, {"url": "https://jvn.jp/en/vu/JVNVU99392903/"}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2023-09-06T09:22:59.282Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:02:06.563Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/vu/JVNVU99392903/", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "tp-link", "product": "archer_c5", "cpes": ["cpe:2.3:h:tp-link:archer_c5:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "tp-link", "product": "archer_c7_firmware", "cpes": ["cpe:2.3:o:tp-link:archer_c7_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "v2_230602", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-26T20:11:36.456112Z", "id": "CVE-2023-39224", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-26T20:13:06.770Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/vu/JVNVU99392903/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:02:06.563Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-39224", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-26T20:11:36.456112Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:tp-link:archer_c5:-:*:*:*:*:*:*:*"], "vendor": "tp-link", "product": "archer_c5", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:tp-link:archer_c7_firmware:-:*:*:*:*:*:*:*"], "vendor": "tp-link", "product": "archer_c7_firmware", "versions": [{"status": "affected", "version": "v2_230602"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-26T20:12:58.563Z"}}], "cna": {"affected": [{"vendor": "TP-LINK", "product": "Archer C5", "versions": [{"status": "affected", "version": "firmware all versions"}]}, {"vendor": "TP-LINK", "product": "Archer C7", "versions": [{"status": "affected", "version": "firmware versions prior to 'Archer C7(JP)_V2_230602'"}]}], "references": [{"url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware"}, {"url": "https://jvn.jp/en/vu/JVNVU99392903/"}], "descriptions": [{"lang": "en", "value": "Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "OS command injection"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2023-09-06T09:22:59.282Z"}}}, "cveMetadata": {"cveId": "CVE-2023-39224", "state": "PUBLISHED", "dateUpdated": "2024-09-26T20:13:06.770Z", "dateReserved": "2023-08-15T07:33:33.886Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2023-09-06T09:22:59.282Z", "assignerShortName": "jpcert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:archer_c7_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F37BD5C-4B5B-4DB2-81DB-249D53A3CD43", "versionEndExcluding": "230602", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:archer_c7:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "27AE1E18-D939-4DB3-984A-85CB4962861C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided."}, {"lang": "es", "value": "Todas las versiones del firmware Archer C5 y las versiones del firmware Archer C7 anteriores a 'Archer C7(JP)_V2_230602' permiten que un atacante autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo. Tenga en cuenta que Archer C5 ya no est\u00e1 soportado, por lo tanto, no se proporciona la actualizaci\u00f3n para este producto.\n"}], "id": "CVE-2023-39224", "lastModified": "2024-11-21T08:14:56.990", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-06T10:15:14.587", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/vu/JVNVU99392903/"}, {"source": "vultures@jpcert.or.jp", "tags": ["Product"], "url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/vu/JVNVU99392903/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}