2 matches found
CVE-2017-15621
What is affected: TP-Link WVR, WAR and ER devices. Vulnerability: remote authenticated administrators can execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file. Impact: high (CVSS v3 base score 7.2; confidentiality, integrity, and availability are a...
TP-Link Remote Command Injection
Introduction: ================ The WVR-, WAR- and ER- products are the SOHO/WIFI routers of TP-Link. These issues allow remote authenticated administrators to execute arbitrary commands via command injection through different variables of different lua files. If the attacker obtains the account a...