TP-Link MR3020 v.1_150921 Command Injection Vulnerability

TP-Link MR3020 v.1_150921 Command Injection Vulnerability

CVE-2023-27078 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A command injection issue was found in TP-Link MR3020 v.1_150921 that allows a remote attacker to execute arbitrary commands via a crafted request to the tftp endpoint.

Learn more about our Web Application Penetration Testing UK.