CVE-2020-9374
57Vexday Risk Score
Prioritize patching. It exploitation observed by VulnCheck and has a public proof of concept.
ssvc Actepss 42%
from disclosure to weapon7 days
Published on NVDFeb 24
1st PoC+7d
VulnCheck+2219d
exploitation probability
42%top 1% of all CVEs
observed exploitation
yesVulnCheck
2 public exploit(s)
On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.
Affected products
n/a · n/apublic PoCs found — 2
cve_referencepacketstormsecurity.com/files/156584/TP-Link-TL-WR849N-Remote-Code-Execution.htmlunverifiedexploitdbwww.exploit-db.com/exploits/48155unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.