AI description
CVE-2023-33538 is a command injection vulnerability found in TP-Link routers, specifically the TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 models. The vulnerability exists within the `/userRpm/WlanNetworkRpm` component. This vulnerability allows an attacker to inject arbitrary commands into the system by manipulating an unknown input. Successful exploitation could lead to a compromise of confidentiality, integrity, and availability of the affected device. CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, indicating active exploitation in the wild.
- Description
- TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- TP-Link Multiple Routers Command Injection Vulnerability
- Exploit added on
- Jun 16, 2025
- Exploit action due
- Jul 7, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
66
#CVE-2023-33538 TP-Link Multiple Routers Command #Injection #Vulnerability https://t.co/QtbSrWWj1Y
@ScyScan
18 Jun 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Security Alert: CVE-2023-33538 exposes command injection vulnerabilities in multiple TP-Link routers. Users should consider discontinuing use or applying vendor mitigations. Stay safe online! 🔒💻 #CyberSecurity #Vulnerability #TPLink @FreedomCoder https://t.co/kYksgjOcm
@prod42net
18 Jun 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨TP-Linkルーターにおけるコマンドインジェクションの脆弱性が攻撃で悪用されている:CISAが警告(CVE-2023-33538) ⚠️ClickFixマルウェアの新種「LightPerlGirl」が見つかる 〜サイバーアラート 6月18日〜 https://t.c
@MachinaRecord
18 Jun 2025
112 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
TP-Linkルーターの脆弱性CVE-2023-33538が悪用中CISAが警告 https://t.co/AmcGp1Fbqv #Security #セキュリティ #ニュース
@SecureShield_
18 Jun 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA just flagged a live exploit in TP-Link routers (CVE-2023-33538, CVSS 8.8) — attackers can run system commands remotely. Worse? Many affected models may be end-of-life, with no fix coming.
@Aizendcom
17 Jun 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
TP-Link Router #flaw #CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert https://t.co/mODWoxdrHN
@AdliceSoftware
17 Jun 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
آژانس امنیت سایبری آمریکا (CISA) آسیبپذیری شدید امنیتی CVE-2023-33538 در روترهای بیسیم TP-Link را به فهرست آسیبپذیریهای شناخته شده و سوءاستفاده شده (KEV) اضافه کر
@Teeegra
17 Jun 2025
1169 Impressions
3 Retweets
30 Likes
8 Bookmarks
0 Replies
0 Quotes
CVE-2023-33538 is now being actively exploited - time to check your router! https://t.co/P8SJukgtp9
@CSec88
17 Jun 2025
76 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2023-33538 leaves TP-Link routers vulnerable to command injection; immediate patching is recommended by #CISA. More below: https://t.co/0JQtlGtiae
@NetizenCorp
17 Jun 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Active exploitation of a two-year-old vulnerability (CVE-2023-33538) affects discontinued TP-Link routers like TL-WR940N, TL-WR841N & TL-WR740N. CISA urges discontinuation—proof-of-concept code was removed from GitHub. ⚠️ #RouterRisk #CyberAlert https://t.co/VOLHeVLlBE
@TweetThreatNews
17 Jun 2025
95 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert https://t.co/P5zdkVVfFF https://t.co/TzPVFy3agd
@talentxfactor
17 Jun 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert https://t.co/fpnIOQ267u https://t.co/UGJjiUyGQq
@TonyBeeTweets
17 Jun 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert https://t.co/YPpYzUdtFj
@Dinosn
17 Jun 2025
4897 Impressions
38 Retweets
82 Likes
26 Bookmarks
0 Replies
0 Quotes
The Hacker News - TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert https://t.co/jwPeQFjfa7
@buzz_sec
17 Jun 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أصدرت وكالة الأمن السيبراني الأمريكية (CISA) تنبيهًا بشأن ثغرة أمنية عالية الخطورة في أجهزة توجيه TP-Link، وهي CVE-2023-33538. تم تسجيلها في قائمة الثغرات المستغلة
@Cybercachear
17 Jun 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
17/06/2025 CISA has issued an alert regarding CVE-2023-33538, a high-severity command injection vulnerability in TP-Link routers. Active exploitation detected—ensure your systems are patched. Source: https://t.co/qTLhiOj6Ok
@kernyx64
17 Jun 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA just flagged a live exploit in TP-Link routers (CVE-2023-33538, CVSS 8.8) — attackers can run system commands remotely. Worse? Many affected models may be end-of-life, with no fix coming. Here’s what you need to know ↓ https://t.co/BroVXTErZJ
@TheHackersNews
17 Jun 2025
85453 Impressions
78 Retweets
208 Likes
68 Bookmarks
4 Replies
10 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2492A6CA-DFF1-42DC-8800-4A66D8943C33"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-wr940n:2.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "68707068-83D6-460C-9107-1B86FC95F6DC"
},
{
"criteria": "cpe:2.3:h:tp-link:tl-wr940n:4.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6212F19C-E507-43BC-B3F0-7DDABB84BE20"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7F95370-1001-4194-A0CB-B3CEA027AB6D"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-wr841n:8.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D1520C26-52D3-46E6-B11B-89C4085DDF23"
},
{
"criteria": "cpe:2.3:h:tp-link:tl-wr841n:10.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "694B53D1-8714-4678-A9CF-51FF230C8BC4"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-wr740n_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "13CA99B0-BE20-4850-9D5E-2CC6020C4775"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-wr740n:1.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "6284AB5D-17FD-411B-99A1-948434193041"
},
{
"criteria": "cpe:2.3:h:tp-link:tl-wr740n:2.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5E7D2E14-77D8-4534-BBD1-D52ADA5B175F"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]