5 matches found
Command injection
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptpserver.lua file...
CVE-2017-15614
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptpclient.lua file...
TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-02029)
TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. A remote attacker can exploit the vulnerability by injecting commands into the name variable of the wportal.lua file to...
TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-01913)
TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. A remote attacker can exploit the vulnerability by injecting commands into the new-interface variable in the phddns.lua file...
TP-Link WVR, WAR and ER Device Arbitrary Command Execution Vulnerability (CNVD-2018-01910)
TP-Link WVR, WAR and ER devices are all different series of router products from China P&L TP-LINK. A security vulnerability exists in the TP-Link WVR, WAR, and ER devices. A remote attacker can exploit the vulnerability by injecting commands into the pptphellointerval variable in the...