138 matches found
CVE-2017-15629
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptpclient.lua file...
CVE-2017-15622
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptpclient.lua file...
CVE-2017-15614
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptpclient.lua file...
CVE-2017-15617
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interfacewan.lua file...
CVE-2017-15625
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptpclient.lua file...
Command injection
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interfacewan.lua file...
Command injection
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptpserver.lua file...
Command injection
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file...
Command injection
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file...
Command injection
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptpclient.lua file...
CVE-2017-15625
CVE-2017-15625 affects TP-Link WVR, WAR and ER devices. The issue is a command injection in the pptp_client.lua file via the new-olmode variable, exploitable by remote authenticated administrators to execute arbitrary commands. The description indicates a high-severity impact with potential confi...
CVE-2017-15623
Technical details for CVE-2017-15623 are not publicly available in the provided documents. The initial description indicates a command-injection in TP-Link devices, but no verifiable specifics, affected products, or fixes are supplied here. Monitor for updates.
CVE-2017-15633
Technical details for CVE-2017-15633 are not provided in the connected documents. The available sources describe the vulnerability at a high level; monitor for updates regarding affected products, impact, or mitigations.
CVE-2017-15622
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptpclient.lua file...
CVE-2017-15620
CVE-2017-15620 concerns TP-Link WVR, WAR and ER devices. The issue is a command-injection vulnerability in the ipmac_import.lua file’s new-zone variable that can be exploited by remote authenticated administrators to execute arbitrary commands. This implies attackers with valid credentials and ac...
CVE-2017-15632
CVE-2017-15632 affects TP-Link WVR, WAR and ER devices via a command injection in the pptp_server.lua file, exploitable by remote authenticated administrators. The description states arbitrary command execution via the new-mppeencryption variable. No remediation or version details are provided in...
CVE-2017-15615
Technical details about CVE-2017-15615 are not publicly provided in the supplied connected documents. Monitor for updates from ENISA EUVD entries; no vendor/product/version mappings or fixes are described here.
CVE-2017-15629
Technical details for CVE-2017-15629 are not publicly available in the provided documents. Monitor for updates; the connected EUVD entries reference malware but do not supply CVE specifics.
CVE-2017-15625
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptpclient.lua file...
CVE-2017-15630
Technical details beyond the initial description are not publicly available in the provided connected documents. Monitor for updates.