Lucene search

K
cve[email protected]CVE-2017-15613
HistoryJan 11, 2018 - 4:29 p.m.

CVE-2017-15613

2018-01-1116:29:00
web.nvd.nist.gov
23
cve-2017-15613
tp-link
wvr
war
er
command injection
remote authenticated administrators
cmxddns.lua
nvd

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

50.0%

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.

Affected configurations

NVD
Node
tp-linker5110g_firmwareMatch-
AND
tp-linker5110gMatch-
Node
tp-linker5120g_firmwareMatch-
AND
tp-linker5120gMatch-
Node
tp-linker5510g_firmwareMatch-
AND
tp-linker5510gMatch-
Node
tp-linker5520g_firmwareMatch-
AND
tp-linker5520gMatch-
Node
tp-linkr4149g_firmwareMatch-
AND
tp-linkr4149gMatch-
Node
tp-linkr4239g_firmwareMatch-
AND
tp-linkr4239gMatch-
Node
tp-linkr4299g_firmwareMatch-
AND
tp-linkr4299gMatch-
Node
tp-linkr473gp-ac_firmwareMatch-
AND
tp-linkr473gp-acMatch-
Node
tp-linkr473g_firmwareMatch-
AND
tp-linkr473gMatch-
Node
tp-linkr473p-ac_firmwareMatch-
AND
tp-linkr473p-acMatch-
Node
tp-linkr473_firmwareMatch-
AND
tp-linkr473Match-
Node
tp-linkr478g\+_firmwareMatch-
AND
tp-linkr478g\+Match-
Node
tp-linkr478_firmwareMatch-
AND
tp-linkr478Match-
Node
tp-linkr478\+_firmwareMatch-
AND
tp-linkr478\+Match-
Node
tp-linkr483g_firmwareMatch-
AND
tp-linkr483gMatch-
Node
tp-linkr483_firmwareMatch-
AND
tp-linkr483Match-
Node
tp-linkr488_firmwareMatch-
AND
tp-linkr488Match-
Node
tp-linkwar1300l_firmwareMatch-
AND
tp-linkwar1300lMatch-
Node
tp-linkwar1750l_firmwareMatch-
AND
tp-linkwar1750lMatch-
Node
tp-linkwar2600l_firmwareMatch-
AND
tp-linkwar2600lMatch-
Node
tp-linkwar302_firmwareMatch-
AND
tp-linkwar302Match-
Node
tp-linkwar450l_firmwareMatch-
AND
tp-linkwar450lMatch-
Node
tp-linkwar450_firmwareMatch-
AND
tp-linkwar450Match-
Node
tp-linkwar458l_firmwareMatch-
AND
tp-linkwar458lMatch-
Node
tp-linkwar458_firmwareMatch-
AND
tp-linkwar458Match-
Node
tp-linkwar900l_firmwareMatch-
AND
tp-linkwar900lMatch-
Node
tp-linkwvr1300g_firmwareMatch-
AND
tp-linkwvr1300gMatch-
Node
tp-linkwvr1300l_firmwareMatch-
AND
tp-linkwvr1300lMatch-
Node
tp-linkwvr1750l_firmwareMatch-
AND
tp-linkwvr1750lMatch-
Node
tp-linkwvr2600l_firmwareMatch-
AND
tp-linkwvr2600lMatch-
Node
tp-linkwvr300_firmwareMatch-
AND
tp-linkwvr300Match-
Node
tp-linkwvr302_firmwareMatch-
AND
tp-linkwvr302Match-
Node
tp-linkwvr4300l_firmwareMatch-
AND
tp-linkwvr4300lMatch-
Node
tp-linkwvr450l_firmwareMatch1.0161125
AND
tp-linkwvr450lMatch-
Node
tp-linkwvr450_firmwareMatch-
AND
tp-linkwvr450Match-
Node
tp-linkwvr458l_firmwareMatch-
AND
tp-linkwvr458lMatch-
Node
tp-linkwvr900g_firmwareMatch3.0_170306
AND
tp-linkwvr900gMatch-
Node
tp-linkwvr900l_firmwareMatch-
AND
tp-linkwvr900lMatch-

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

50.0%

Related for CVE-2017-15613