4 matches found
CVE-2017-8218
CVE-2017-8218 affects TP-Link C2 and C20i routers running firmware up to 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n, where vsftpd exposes backdoor credentials (admin: 1234, guest: guest, test: test) allowing unauthorized access to FTP and potentially root access via related components. Connected s...
CVE-2017-8217
CVE-2017-8217 affects TP-Link C2 and C20i routers (firmware up to 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n). A security-bypass vulnerability exists in the device IPtables/iptables rules and web management surface that can enable an attacker to perform unauthorized operations by remote requests; ...
CVE-2017-8219
CVE-2017-8219 affects TP-Link C2 and C20i routers up to firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n. An authenticated attacker can trigger a DoS of the HTTP server by sending a crafted Cookie header to /cgi/ansi, and, more critically, perform remote code execution that can dump/modify conf...
CVE-2017-8220
CVE-2017-8220 affects TP-Link C2 and C20i routers (firmware up to 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n). A vulnerability in the HTTP management/Diagnostics page allows remote code execution by injecting commands in the host= field of a POST request, enabling an attacker (with credentials) to...