- EPSS 2.89%
- Published 27.11.2017 10:29:00
- Last modified 20.04.2025 01:37:25
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the iface field of an admin/diagnostic command to cgi-bin/luci, related to the zone_get_effect_devices function...
- EPSS 1.37%
- Published 27.11.2017 10:29:00
- Last modified 20.04.2025 01:37:25
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/bridge command to cgi-bin/luci, related to the get_device_byif function in /usr/...
CVE-2017-16959
- EPSS 0.38%
- Published 27.11.2017 10:29:00
- Last modified 20.04.2025 01:37:25
The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allows remote authenticated users to test for the existence of arbitrary files by making an operation=write;locale=%0d request, and then making an operation=read re...
- EPSS 0.86%
- Published 27.11.2017 10:29:00
- Last modified 20.04.2025 01:37:25
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/interface command to cgi-bin/luci, related to the get_device_byif function in /u...