Feb. 5, 2024, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.8. The following CVEs are assigned: CVE-2024-1180.

access access control arbitrary code attackers authentication code code execution command command injection control cve cves cvss exploit injection link network omada rating remote code remote code execution tp-link vulnerability zdi

More from www.zerodayinitiative.com / ZDI: Published Advisories

DevSecOps Automation Engineer

@ Peraton | Offutt AFB, NE, United States

Privacy Officer - Engagement & Support

@ Nova Scotia Health Authority | Halifax, NS, CA, B3H 2Y9

Life Sciences Industry Consultant

@ Emerson | ENGLAND, United Kingdom

Consultant, Valuation Services

@ Kroll | Mumbai, India

OT Security Architect

@ Essar Oil (UK) Limited | Cheshire, GB, CH65 4HB

Senior Information Security Advisor (Cloud)

@ Scotiabank | Toronto, ON, CA, M1K5L1