Vulnerabilities > CVE-2017-15633 - Unspecified vulnerability in Tp-Link products
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.
Vulnerable Configurations
Packetstorm
data source | https://packetstormsecurity.com/files/download/145823/tplinkmulti-exec.txt |
id | PACKETSTORM:145823 |
last seen | 2018-01-11 |
published | 2018-01-11 |
reporter | chunibalon |
source | https://packetstormsecurity.com/files/145823/TP-Link-Remote-Command-Injection.html |
title | TP-Link Remote Command Injection |