The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability.
9.8CVSS
9.6AI Score
0.001EPSS
The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by several post-authentication command injection vulnerabilities.
8.8CVSS
8.9AI Score
0.001EPSS
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5).
9.8CVSS
9.7AI Score
0.005EPSS
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5).
9.8CVSS
9.7AI Score
0.005EPSS
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5).
9.8CVSS
9.7AI Score
0.004EPSS
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5).
9.8CVSS
9.7AI Score
0.005EPSS
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5).
9.8CVSS
9.7AI Score
0.001EPSS
The web configuration interface of the TP-Link M7350 V3 with firmware version 190531 is affected by a pre-authentication command injection vulnerability.
9.8CVSS
9.7AI Score
0.002EPSS