3 matches found
CVE-2017-15637
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptpserver.lua file...
CVE-2017-15637
CVE-2017-15637 affects TP-Link WVR, WAR and ER devices. A remote authenticated administrator can execute arbitrary commands via command injection in the pptp_server.lua pptphellointerval variable. The provided sources list high-severity impacts (C, I, A all HIGH) and a network attack vector with ...
TP-Link Remote Command Injection
Introduction: ================ The WVR-, WAR- and ER- products are the SOHO/WIFI routers of TP-Link. These issues allow remote authenticated administrators to execute arbitrary commands via command injection through different variables of different lua files. If the attacker obtains the account a...