GHSA-fcc7-wp4f-5382HighCVSS 7.2

An authenticated OS command injection vulnerability exists in the BigPond Cable (BPA) WAN...

Published
June 17, 2026
Last Modified
June 18, 2026

🔗 CVE IDs covered (1)

📋 Description

An authenticated OS command injection vulnerability exists in the BigPond Cable (BPA) WAN configuration module in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges.

🔗 References (5)