CVE-2017-15629

2018-01-1116:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.1%

JSON

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.

References

www.securityfocus.com/archive/1/541655/100/0/threaded

github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt