Tplink Bridge Authenticated RCE

Tplink Bridge Authenticated RCE in bridge.lua allows remote command execution on root shell. Vulnerable devices include Tp-Link TL-WVR300 (v4), TL-WVR302 (v2), TL-WVR450, TL-WVR450L, TL-WVR450G (v5), TL-WVR458, TL-WVR458L, TL-WVR458P, TL-WVR900G (v3), TL-WVR900L, TL-WVR1200L, TL-WVR1300L, TL-WVR1300G, TL-WVR1750L, TL-WVR2600L, TL-WVR4300L, TL-WAR302, TL-WAR450, TL-WAR450L, TL-WAR458, TL-WAR458L, TL-WAR900L, TL-WAR1200L, TL-WAR1300L, TL-WAR1750L, TL-WAR2600L, TL-ER3210G, TL-ER3220G, TL-ER5110G, TL-ER5120G, TL-ER5510G (v2,v3), TL-ER5520G (v2,v3), TL-ER6110G, TL-ER6120G (v2), TL-ER6220G, TL-ER6510G, TL-ER6520G (v2,v3), TL-ER7520G, TL-R473 (v5), TL-R473G, TL-R473P-AC, TL-R473GP-AC, TL-R478 (v6), TL-R478+ (v7), TL-R478G, TL-R478G+ (v3), TL-R479P-AC, TL-R479GP-AC, TL-R479GPE-AC, TL-R483 (v5), TL-R483G (v2), TL-R488 (v5), TL-R4149G, TL-R4239G (v2), and TL-R4299G