{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T18:38:41.070","vulnerabilities":[{"cve":{"id":"CVE-2023-49133","sourceIdentifier":"talos-cna@cisco.com","published":"2024-04-09T15:15:29.003","lastModified":"2025-11-04T19:16:08.947","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP225(V3) 5.1.0 Build 20220926 of the AC1350 Wireless MU-MIMO Gigabit Access Point."},{"lang":"es","value":"Existe una vulnerabilidad de ejecución de comando en la funcionalidad tddpd enable_test_mode del punto de acceso Gigabit MU-MIMO inalámbrico Tp-Link AC1350 (EAP225 V3) v5.1.0 compilación 20220926 y el punto de acceso inalámbrico Tp-Link N300 (EAP115 V4) v5.0.4 compilación 20220216. Una serie de solicitudes de red especialmente manipuladas pueden conducir a la ejecución de comandos arbitrarios. Un atacante puede enviar una secuencia de paquetes no autenticados para desencadenar esta vulnerabilidad. Esta vulnerabilidad afecta a \"uclited\" en el EAP225(V3) 5.1.0 Build 20220926 del punto de acceso Gigabit MU-MIMO inalámbrico AC1350."}],"metrics":{"cvssMetricV31":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"talos-cna@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-829"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:eap225_firmware:5.1.0:*:*:*:*:*:*:*","matchCriteriaId":"15CAB41B-D47A-42E1-AEFB-9E342492E231"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:eap225:v3:*:*:*:*:*:*:*","matchCriteriaId":"07736B46-7E3D-4E45-A554-440470FEE33B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:eap115_firmware:5.0.4:*:*:*:*:*:*:*","matchCriteriaId":"0FF9ABB5-A353-4491-B928-50C0843D9597"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:eap115:v4:*:*:*:*:*:*:*","matchCriteriaId":"1E0DB1CB-D156-4AE2-A815-B653A7D797FB"}]}]}],"references":[{"url":"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2023-1862","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"https:\/\/talosintelligence.com\/vulnerability_reports\/TALOS-2023-1862","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https:\/\/www.talosintelligence.com\/vulnerability_reports\/TALOS-2023-1862","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}