3 matches found
CVE-2019-12104
The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by several post-authentication command injection vulnerabilities...
CVE-2019-12104
CVE-2019-12104 affects TP-Link M7350 V3 web-based configuration interface with firmware before 190531. Connected documents describe several post-authentication command injection vulnerabilities in this interface. The Red Hat entry (RH:CVE-2019-12104) corroborates the post-auth vulnerability class...
CVE-2019-12103 – Analysis of a Pre-Auth RCE on the TP-Link M7350, with Ghidra!
TL;DR The TP-Link M7350 V3 is affected by a pre-authentication CVE-2019-12103, and a few post-authentication CVE-2019-12104 command injection vulnerabilities. These injections can be exploited remotely, if the attacker is on the same LAN or otherwise able to get access to the router web interface...