Vulnerability Description
Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tp-Link | Archer C1200 Firmware | < 230508 |
| Tp-Link | Archer C1200 | 2.0 |
| Tp-Link | Archer C9 Firmware | < 230508 |
| Tp-Link | Archer C9 | 2.0 |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/vu/JVNVU99392903/Third Party Advisory
- https://www.tp-link.com/jp/support/download/archer-c1200/#FirmwareProduct
- https://www.tp-link.com/jp/support/download/archer-c9/v3/#FirmwareProduct
- https://jvn.jp/en/vu/JVNVU99392903/Third Party Advisory
- https://www.tp-link.com/jp/support/download/archer-c1200/#FirmwareProduct
- https://www.tp-link.com/jp/support/download/archer-c9/v3/#FirmwareProduct
FAQ
What is CVE-2023-38563?
CVE-2023-38563 is a vulnerability with a CVSS score of 8.8 (HIGH). Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arb...
How severe is CVE-2023-38563?
CVE-2023-38563 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-38563?
Check the references section above for vendor advisories and patch information. Affected products include: Tp-Link Archer C1200 Firmware, Tp-Link Archer C1200, Tp-Link Archer C9 Firmware, Tp-Link Archer C9.