Lucene search
MitreCVELIST:CVE-2020-28347HistoryNov 08, 2020 - 8:00 p.m.
CVE-2020-28347
2020-11-0820:00:39
mitre
www.cve.org
tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-2020-10882 in which shell quotes are mishandled.
References
github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2019/lao_bomb/lao_bomb.md
github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2020/minesweeper.md
github.com/rapid7/metasploit-framework/pull/14365
github.com/rdomanski/Exploits_and_Advisories/blob/master/advisories/Pwn2Own/Tokyo2019/lao_bomb.md
github.com/rdomanski/Exploits_and_Advisories/blob/master/advisories/Pwn2Own/Tokyo2020/minesweeper.md
Related
nvd
nvd
CVE-2020-28347
2020-11-08 20:15:11
CVE-2020-10882
2020-03-25 21:15:11
prion
prion
Code injection
2020-11-08 20:15:00
Design/Logic Flaw
2020-03-25 21:15:00
cve
cve
CVE-2020-28347
2020-11-08 20:15:11
CVE-2020-10882
2020-03-25 21:15:11
cvelist
cvelist
CVE-2020-10882
2020-03-25 19:15:23
cnvd
cnvd
TP-Link Archer A7 AC1750 Command Injection Vulnerability
2020-11-16 00:00:00
zdi
zdi
checkpoint_advisories
checkpoint_advisories
zdt
zdt
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution Exploit
2020-04-16 00:00:00
packetstorm
packetstorm
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution
2020-04-15 00:00:00