3 matches found
CVE-2020-36178
oaliptaddBridgeIsolationRules on TP-Link TL-WR840N 6EU0.9.14.16 devices allows OS command injection because a raw string entered from the web interface an IP address field is used directly for a call to the system library function for iptables. NOTE: oaliptaddBridgeIsolationRules is not the only...
CVE-2020-36178
oaliptaddBridgeIsolationRules on TP-Link TL-WR840N 6EU0.9.14.16 devices allows OS command injection because a raw string entered from the web interface an IP address field is used directly for a call to the system library function for iptables. NOTE: oaliptaddBridgeIsolationRules is not the only...
CVE-2020-36178
Summary of CVE-2020-36178 : The vulnerability affects TP-Link TL-WR840N devices running 6_EU_0.9.1_4.16 firmware. The issue is caused by the function oal_ipt_addBridgeIsolationRules, where a raw string entered via the web interface (an IP address field) is used directly as input to a system call ...