CVE-2017-15637

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptpserver.lua file...

CVE-2017-15632

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptpserver.lua file...

Command injection

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptpserver.lua file...

Command injection

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptpserver.lua file...

CVE-2017-15623

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptpserver.lua file...

Command injection

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptpserver.lua file...

Command injection

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptpserver.lua file...

CVE-2017-15626

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptpserver.lua file...

CVE-2017-15624

Technical details for CVE-2017-15624 are not publicly available in the provided documents. Monitor for updates from official sources for affected devices and remediation.

CVE-2017-15628

Technical details for CVE-2017-15628 are not publicly available in the provided connected documents; monitor for updates.

CVE-2017-15624

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptpserver.lua file...

CVE-2017-15637

CVE-2017-15637 affects TP-Link WVR, WAR and ER devices. A remote authenticated administrator can execute arbitrary commands via command injection in the pptp_server.lua pptphellointerval variable. The provided sources list high-severity impacts (C, I, A all HIGH) and a network attack vector with ...

CVE-2017-15623

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptpserver.lua file...

CVE-2017-15632

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptpserver.lua file...

CVE-2017-15626

Technical details about CVE-2017-15626 are not publicly available in the provided connected documents. Monitoring for updates is recommended; the connected EUVD entries refer to malware notes without device/vendor specifics.

CVE-2017-15623

Technical details for CVE-2017-15623 are not publicly available in the provided documents. The initial description indicates a command-injection in TP-Link devices, but no verifiable specifics, affected products, or fixes are supplied here. Monitor for updates.

CVE-2017-15632

CVE-2017-15632 affects TP-Link WVR, WAR and ER devices via a command injection in the pptp_server.lua file, exploitable by remote authenticated administrators. The description states arbitrary command execution via the new-mppeencryption variable. No remediation or version details are provided in...

CVE-2017-15628

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptpserver.lua file...

CVE-2017-15637

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptpserver.lua file...