TP-Link TL-WR841N Command Injection (CVE-2020-35576)

A command injection vulnerability exists in TP-Link TL-WR841N. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

TP-Link TL-WR841N - Command Injection

Exploit Title: TP-Link TL-WR841N - Command Injection Date: 2020-12-13 Exploit Author: Koh You Liang Vendor Homepage: https://www.tp-link.com/ Software Link: https://static.tp-link.com/TL-WR841NJPV13161028.zip Version: TL-WR841N 0.9.1 4.0 Tested on: Windows 10 CVE : CVE-2020-35576 import requests...

CVE-2020-35576

creationtimestamp| type| source ---|---|--- 2021-01-26 20:49:27+00:00| seen| https://t.me/cibsecurity/22651...

CVE-2020-35576

A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 JP with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577...

CVE-2020-35576

CVE-2020-35576 is a command-injection vulnerability in the traceroute feature of TP-Link TL-WR841N (V13, JP) firmware prior to 201216. Authenticated users can execute arbitrary code as root via shell metacharacters. Affected firmware versions include V13 with build 161028, and vendor guidance fix...