2 matches found
CVE-2019-12103
The CVE-2019-12103 issue affects TP-Link M7350 V3 with firmware before 190531. The web-based configuration interface is vulnerable to a pre-authentication command injection, enabling an attacker to execute commands without authentication. Red Hat and CNVD entries corroborate the same pre-auth vul...
CVE-2019-12103 – Analysis of a Pre-Auth RCE on the TP-Link M7350, with Ghidra!
TL;DR The TP-Link M7350 V3 is affected by a pre-authentication CVE-2019-12103, and a few post-authentication CVE-2019-12104 command injection vulnerabilities. These injections can be exploited remotely, if the attacker is on the same LAN or otherwise able to get access to the router web interface...