CVE-2017-16958
The CVE affects TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices. Affected component is the admin/bridge CGI in uhttpd, where shell metacharacters in the t_bindif field passed via the admin/bridge command to cgi-bin/luci can lead to remote command execution. Root cause is input constructed to trig...