4 matches found
CVE-2017-15619
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptpclient.lua file...
CVE-2017-15619
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptpclient.lua file...
CVE-2017-15619
Technical details for CVE-2017-15619 are not publicly available in the provided documents. The initial description mentions command injection in pptp_client.lua affecting TP-Link WVR/WAR/ER devices, but no further specifics are provided here. Monitor for updates.
TP-Link Remote Command Injection
Introduction: ================ The WVR-, WAR- and ER- products are the SOHO/WIFI routers of TP-Link. These issues allow remote authenticated administrators to execute arbitrary commands via command injection through different variables of different lua files. If the attacker obtains the account a...