13 matches found
EUVD-2017-17180
Malware in sbrugna...
CVE-2017-8217
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface...
CVE-2017-8218
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password...
TP-Link C2 and C20i Security Bypass Vulnerability
The TP-Link C2 and C20i are router devices from China P&L. A security bypass vulnerability exists in the TP-Link C2 and C20i, which can be exploited by remote attackers to submit a special request to bypass security restrictions and perform unauthorized operations...
TP-LINK C2 and C20i Arbitrary Code Execution Vulnerability
TP-LINK C2 and C20i etc. are wireless router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link C2 and C20i 'Diagnostic' page, which allows remote attackers to submit a special request to execute arbitrary code...
TP-Link C2 and C20i Security Bypass Vulnerability (CNVD-2017-06904)
The TP-LINK C2 and C20i, among others, are wireless router products from China P&L TP-LINK. vsftpd is a server that runs on a UNIX-like operating system. A security bypass vulnerability exists in the TP-Link C2 and C20i, which allows remote attackers to submit a special request to bypass security...
CVE-2017-8219
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow DoSing the HTTP server via a crafted Cookie header to the /cgi/ansi URI...
CVE-2017-8218
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password...
CVE-2017-8220
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data...
Remote code execution
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data...
CVE-2017-8218
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password...
CVE-2017-8218
CVE-2017-8218 affects TP-Link C2 and C20i routers running firmware up to 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n, where vsftpd exposes backdoor credentials (admin: 1234, guest: guest, test: test) allowing unauthorized access to FTP and potentially root access via related components. Connected s...
TP-Link C2 and C20i Denial of Service Vulnerability
TP-Link is a Chinese manufacturer of network equipment such as routers and IOT devices. A denial of service vulnerability exists in TP-Link C2 and C20i. An attacker can exploit the vulnerability to cause a denial of service by sending an HTTP request to the affected device, crashing the HTTP serv...