Vulnerabilities > CVE-2017-15634 - Unspecified vulnerability in Tp-Link products

047910
CVSS 7.2 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
tp-link

Summary

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.

Vulnerable Configurations

Part Description Count
OS
Tp-Link
38
Hardware
Tp-Link
38

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/145823/tplinkmulti-exec.txt
idPACKETSTORM:145823
last seen2018-01-11
published2018-01-11
reporterchunibalon
sourcehttps://packetstormsecurity.com/files/145823/TP-Link-Remote-Command-Injection.html
titleTP-Link Remote Command Injection