Vulnerabilities > TP Link > TL Er5120G Firmware > 2.0.0

DATE CVE VULNERABILITY TITLE RISK
2023-09-20 CVE-2023-43135 Missing Authorization vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0
There is an unauthorized access vulnerability in TP-LINK ER5120G 4.0 2.0.0 Build 210817 Rel.80868n, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.
network
low complexity
tp-link CWE-862
critical
 9.8
9.8
2023-09-20 CVE-2023-43137 Command Injection vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0
TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds ACL rules after authentication, and the rule name parameter has injection points.
network
low complexity
tp-link CWE-77
8.8
8.8
2023-09-20 CVE-2023-43138 Command Injection vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0
TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point.
network
low complexity
tp-link CWE-77
8.8
8.8