CVE-2024-21827 (GCVE-0-2024-21827)

Vulnerability from cvelistv5 – Published: 2024-06-25 14:01 – Updated: 2025-11-04 17:14
VLAI?
Summary
A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
Severity ?
7.2 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Tp-Link ER7206 Omada Gigabit VPN Router Affected: 1.4.1 Build 20240117 Rel.57421
Create a notification for this product.
Credits
Discovered by the Vulnerability Discovery and Research team of Cisco Talos.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:h:tp-link:er7206:1.4.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "er7206",
            "vendor": "tp-link",
            "versions": [
              {
                "status": "affected",
                "version": "1.4.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-21827",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-28T03:55:30.451509Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T13:04:19.580Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T17:14:15.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947"
          },
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ER7206 Omada Gigabit VPN Router",
          "vendor": "Tp-Link",
          "versions": [
            {
              "status": "affected",
              "version": "1.4.1 Build 20240117 Rel.57421"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489: Leftover Debug Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-25T17:00:06.591Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2024-21827",
    "datePublished": "2024-06-25T14:01:26.644Z",
    "dateReserved": "2024-02-14T16:25:03.146Z",
    "dateUpdated": "2025-11-04T17:14:15.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de c\\u00f3digo de depuraci\\u00f3n sobrante en la funcionalidad de depuraci\\u00f3n cli_server del enrutador VPN Tp-Link ER7206 Omada Gigabit 1.4.1 Build 20240117 Rel.57421. Una serie de solicitudes de red especialmente manipuladas pueden provocar la ejecuci\\u00f3n de comandos arbitrarios. Un atacante puede enviar una secuencia de solicitudes para desencadenar esta vulnerabilidad.\"}]",
      "id": "CVE-2024-21827",
      "lastModified": "2024-11-21T08:55:04.703",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"talos-cna@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}]}",
      "published": "2024-06-25T14:15:10.940",
      "references": "[{\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947\", \"source\": \"talos-cna@cisco.com\"}, {\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "talos-cna@cisco.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"talos-cna@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-489\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-21827\",\"sourceIdentifier\":\"talos-cna@cisco.com\",\"published\":\"2024-06-25T14:15:10.940\",\"lastModified\":\"2025-11-04T18:15:50.580\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de c\u00f3digo de depuraci\u00f3n sobrante en la funcionalidad de depuraci\u00f3n cli_server del enrutador VPN Tp-Link ER7206 Omada Gigabit 1.4.1 Build 20240117 Rel.57421. Una serie de solicitudes de red especialmente manipuladas pueden provocar la ejecuci\u00f3n de comandos arbitrarios. Un atacante puede enviar una secuencia de solicitudes para desencadenar esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"talos-cna@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"talos-cna@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-489\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:tp-link:er7206_firmware:1.4.1:build_20240117_rel_57421:*:*:*:*:*:*\",\"matchCriteriaId\":\"E21970CA-738A-4D2D-92F4-51C56B365A7A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:tp-link:er7206:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB65324D-FD72-4C28-92AF-85BFF1E8A993\"}]}]}],\"references\":[{\"url\":\"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947\", \"name\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T17:14:15.827Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-21827\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-28T03:55:30.451509Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:h:tp-link:er7206:1.4.1:*:*:*:*:*:*:*\"], \"vendor\": \"tp-link\", \"product\": \"er7206\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.4.1\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-25T15:50:43.954Z\"}}], \"cna\": {\"credits\": [{\"lang\": \"en\", \"value\": \"Discovered by the Vulnerability Discovery and Research team of Cisco Talos.\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Tp-Link\", \"product\": \"ER7206 Omada Gigabit VPN Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.4.1 Build 20240117 Rel.57421\"}]}], \"references\": [{\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947\", \"name\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-489\", \"description\": \"CWE-489: Leftover Debug Code\"}]}], \"providerMetadata\": {\"orgId\": \"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b\", \"shortName\": \"talos\", \"dateUpdated\": \"2024-06-25T17:00:06.591Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-21827\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T17:14:15.827Z\", \"dateReserved\": \"2024-02-14T16:25:03.146Z\", \"assignerOrgId\": \"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b\", \"datePublished\": \"2024-06-25T14:01:26.644Z\", \"assignerShortName\": \"talos\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.