CVE-2024-21827 - OpenCVE

A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

Vendors	Products
Tp-link	Er7206 Er7206 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:tp-link:er7206_firmware:1.4.1:build_20240117_rel_57421:*:*:*:*:*:*

cpe:2.3:h:tp-link:er7206:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947

History

Tue, 04 Nov 2025 18:30:00 +0000

Type	Values Removed	Values Added
References		https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947

Tue, 04 Nov 2025 18:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:h:tp-link:er7206:1.4.1:::::::*
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 05 Sep 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tp-link Tp-link er7206 Tp-link er7206 Firmware
CPEs		cpe:2.3:h:tp-link:er7206:-:::::::* cpe:2.3:o:tp-link:er7206_firmware:1.4.1:build_20240117_rel_57421::::::
Vendors & Products		Tp-link Tp-link er7206 Tp-link er7206 Firmware

MITRE

Status: PUBLISHED

Assigner: talos

Published: 2024-06-25T14:01:26.644Z

Updated: 2025-11-04T17:14:15.827Z

Reserved: 2024-02-14T16:25:03.146Z

Link: CVE-2024-21827

Vulnrichment

Updated: 2025-11-04T17:14:15.827Z

NVD

Status : Modified

Published: 2024-06-25T14:15:10.940

Modified: 2025-11-04T18:15:50.580

Link: CVE-2024-21827

Redhat

No data.

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-21827", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "state": "PUBLISHED", "assignerShortName": "talos", "dateReserved": "2024-02-14T16:25:03.146Z", "datePublished": "2024-06-25T14:01:26.644Z", "dateUpdated": "2025-11-04T17:14:15.827Z"}, "containers": {"cna": {"affected": [{"vendor": "Tp-Link", "product": "ER7206 Omada Gigabit VPN Router", "versions": [{"version": "1.4.1 Build 20240117 Rel.57421", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-489: Leftover Debug Code", "type": "CWE", "cweId": "CWE-489"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2024-06-25T17:00:06.591Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947"}], "credits": [{"lang": "en", "value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."}]}, "adp": [{"affected": [{"vendor": "tp-link", "product": "er7206", "cpes": ["cpe:2.3:h:tp-link:er7206:1.4.1:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.4.1", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-28T03:55:30.451509Z", "id": "CVE-2024-21827", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T13:04:19.580Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947", "tags": ["x_transferred"]}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T17:14:15.827Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947", "tags": ["x_transferred"]}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T17:14:15.827Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-21827", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-28T03:55:30.451509Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:tp-link:er7206:1.4.1:*:*:*:*:*:*:*"], "vendor": "tp-link", "product": "er7206", "versions": [{"status": "affected", "version": "1.4.1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-25T15:50:43.954Z"}}], "cna": {"credits": [{"lang": "en", "value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Tp-Link", "product": "ER7206 Omada Gigabit VPN Router", "versions": [{"status": "affected", "version": "1.4.1 Build 20240117 Rel.57421"}]}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947"}], "descriptions": [{"lang": "en", "value": "A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-489", "description": "CWE-489: Leftover Debug Code"}]}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2024-06-25T17:00:06.591Z"}}}, "cveMetadata": {"cveId": "CVE-2024-21827", "state": "PUBLISHED", "dateUpdated": "2025-11-04T17:14:15.827Z", "dateReserved": "2024-02-14T16:25:03.146Z", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "datePublished": "2024-06-25T14:01:26.644Z", "assignerShortName": "talos"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:er7206_firmware:1.4.1:build_20240117_rel_57421:*:*:*:*:*:*", "matchCriteriaId": "E21970CA-738A-4D2D-92F4-51C56B365A7A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tp-link:er7206:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB65324D-FD72-4C28-92AF-85BFF1E8A993", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A leftover debug code vulnerability exists in the cli_server debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de c\u00f3digo de depuraci\u00f3n sobrante en la funcionalidad de depuraci\u00f3n cli_server del enrutador VPN Tp-Link ER7206 Omada Gigabit 1.4.1 Build 20240117 Rel.57421. Una serie de solicitudes de red especialmente manipuladas pueden provocar la ejecuci\u00f3n de comandos arbitrarios. Un atacante puede enviar una secuencia de solicitudes para desencadenar esta vulnerabilidad."}], "id": "CVE-2024-21827", "lastModified": "2025-11-04T18:15:50.580", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "[email protected]", "type": "Secondary"}]}, "published": "2024-06-25T14:15:10.940", "references": [{"source": "[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1947"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-489"}], "source": "[email protected]", "type": "Secondary"}]}