CVE-2017-15627

2018-01-1116:00:00

mitre

www.cve.org

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

50.0%

JSON

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.

References

www.securityfocus.com/archive/1/541655/100/0/threaded

github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt