Code execution vulnerability in TP-Link enterprise routers (CNVD-2018-08408)

Tplink ER5110G, Tplink ER5120G and Tplink WAR1300L are enterprise VPN routers and enterprise wireless VPN routers. A code execution vulnerability exists in TP-Link Enterprise Routers. An attacker can exploit the vulnerability to obtain the router's administrator username and password, or hijack a...

Command Execution Vulnerability in Multiple TP-Link Enterprise Routers

The Tplink ER5110G, Tplink ER5120G and Tplink WAR1300L are all enterprise VPN routers and enterprise wireless VPN routers from P&L Technologies. A command execution vulnerability exists in several TP-Link enterprise routers. An attacker can exploit the vulnerability to elevate from administrator...

TP-Link Remote Command Injection

Introduction: ================ The WVR-, WAR- and ER- products are the SOHO/WIFI routers of TP-Link. These issues allow remote authenticated administrators to execute arbitrary commands via command injection through different variables of different lua files. If the attacker obtains the account a...

Tplink Bridge Authenticated RCE

Vulnerability: Command Injection in bridge.lua ------------------------------------------ Exploitation: Can remote command execution on the root shell. ------------------------------------------ Vendor of Product: Tp-Link router ------------------------------------------ Affected Products and...