Description

Command Injection vulnerability in TP-Link WA850RE (httpd modules) allows authenticated adjacent attacker to inject arbitrary commands.This issue affects: ≤ WA850RE V2_160527, ≤ WA850RE V3_160922.

Related CPE's

Could not find any relations

References

https://blog.exodusintel.com/2022/06/23/tp-link-wa850re-remote-command-injection-vulnerability/

https://www.tp-link.com/us/support/download/tl-wa850re/v2/#Firmware

https://www.tp-link.com/us/support/download/tl-wa850re/v3/#Firmware

https://www.tp-link.com/us/support/faq/4848/

Weaknesses

f23511db-6c3e-4e32-a477-6aa17d310630

Secondary
CWE-78

CVSS impact metrics

Missing metrics for CVSS V

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

f23511db-6c3e-4e32-a477-6aa17d310630

Vulnerability status

Awaiting analysis

Published

2025-12-18T18:15:45.027

26 hours ago

Last modified

2025-12-19T18:00:18.330

3 hours ago