메뉴열기
메뉴열기
취약점 소개
신고포상제
취약점 신고/조회
기업 및 기관
취약점 정보 공유
알림마당
로그인
Home > 취약점 정보 공유 > 보안공지
보안공지

목록

조회수 : 4,903


美 CISA 발표 주요 Exploit 정보공유(Update. 2025-09-03)2025-09-03
현재 자주 악용되고 있는 취약점 목록으로, 취약한 버전의 SW를 사용 중인 경우 긴급 패치를 권고 드립니다.
* 참조 링크 : https://www.cisa.gov/known-exploited-vulnerabilities-catalog

cveIDvendorProjectvulnerabilityNamedateAddedshortDescriptionrequiredActiondueDate
CVE-2025-9377TP-LinkTP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability2025-09-03TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.2025-09-24
CVE-2023-50224TP-LinkTP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability2025-09-03TP-Link TL-WR841N contains an authentication bypass by spoofing vulnerability within the httpd service, which listens on TCP port 80 by default, leading to the disclose of stored credentials. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.2025-09-24
출처 사이트 : https://www.cisa.gov/known-exploited-vulnerabilities-catalog