2 matches found
CVE-2017-15636
CVE-2017-15636 affects TP-Link WVR, WAR and ER devices. It allows remote authenticated administrators to execute arbitrary commands via a command injection in the new-time variable in the webfilter.lua file. The provided metrics indicate a high impact (C/H/I/A) with network access and no user int...
TP-Link Remote Command Injection
Introduction: ================ The WVR-, WAR- and ER- products are the SOHO/WIFI routers of TP-Link. These issues allow remote authenticated administrators to execute arbitrary commands via command injection through different variables of different lua files. If the attacker obtains the account a...