GHSA-xwmq-379c-mhf5HighCVSS 7.2

An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration...

Published
June 17, 2026
Last Modified
June 18, 2026

🔗 CVE IDs covered (1)

📋 Description

An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges.

🔗 References (5)