Vulnerabilites related to tp-link - r478_firmware
cve-2017-15625
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.520Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15625", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15625", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.520Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15631
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.457Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15631", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15631", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.457Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15635
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.471Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15635", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15635", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.471Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15617
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.615Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15617", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15617", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.615Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15619
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.434Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15619", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15619", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.434Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15637
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.655Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15637", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15637", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.655Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15632
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.357Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15632", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15632", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.357Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15628
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.430Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15628", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15628", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.430Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15624
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.400Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15624", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15624", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.400Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15621
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.491Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15621", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15621", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.491Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15614
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.433Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15614", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15614", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.433Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15627
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.508Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15627", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15627", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.508Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15626
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.510Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15626", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15626", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.510Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15613
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.620Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15613", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15613", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.620Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15630
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.418Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15630", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15630", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.418Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15636
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.517Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15636", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15636", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.517Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15634
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.645Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15634", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15634", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.645Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15618
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.529Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15618", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15618", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.529Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15633
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.521Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15633", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15633", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.521Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15620
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.397Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15620", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15620", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.397Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15616
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.362Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15616", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15616", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.362Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15629
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.530Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15629", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15629", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.530Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15615
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.481Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15615", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15615", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.481Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15623
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.507Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15623", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15623", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.507Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-15622
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:27.356Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-01-10T00:00:00", descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-09T18:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-15622", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", refsource: "MISC", url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { name: "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-15622", datePublished: "2018-01-11T16:00:00", dateReserved: "2017-10-19T00:00:00", dateUpdated: "2024-08-05T19:57:27.356Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-zone en el archivo ipmac_import.lua.", }, ], id: "CVE-2017-15620", lastModified: "2024-11-21T03:14:52.660", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.737", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-enable en el archivo pptp_client.lua.", }, ], id: "CVE-2017-15618", lastModified: "2024-11-21T03:14:52.293", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.643", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-tunnelname en el archivo pptp_client.lua.", }, ], id: "CVE-2017-15629", lastModified: "2024-11-21T03:14:54.237", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.097", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-bindif en el archivo pptp_server.lua.", }, ], id: "CVE-2017-15626", lastModified: "2024-11-21T03:14:53.697", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.970", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-mppeencryption en el archivo pptp_client.lua.", }, ], id: "CVE-2017-15622", lastModified: "2024-11-21T03:14:53.017", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.813", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-enable en el archivo pptp_server.lua.", }, ], id: "CVE-2017-15623", lastModified: "2024-11-21T03:14:53.183", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.860", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-authtype en el archivo pptp_server.lua.", }, ], id: "CVE-2017-15624", lastModified: "2024-11-21T03:14:53.360", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.893", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-pns en el archivo pptp_client.lua.", }, ], id: "CVE-2017-15627", lastModified: "2024-11-21T03:14:53.877", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.017", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable name en el archivo wportal.lua.", }, ], id: "CVE-2017-15634", lastModified: "2024-11-21T03:14:55.070", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.313", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable iface en el archivo interface_wan.lua.", }, ], id: "CVE-2017-15617", lastModified: "2024-11-21T03:14:52.120", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.610", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-mppeencryption en el archivo pptp_server.lua.", }, ], id: "CVE-2017-15632", lastModified: "2024-11-21T03:14:54.737", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.237", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable olmode en el archivo interface_wan.lua.", }, ], id: "CVE-2017-15621", lastModified: "2024-11-21T03:14:52.840", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.767", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-workmode en el archivo pptp_client.lua.", }, ], id: "CVE-2017-15631", lastModified: "2024-11-21T03:14:54.577", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.190", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable max_conn en el archivo session_limits.lua.", }, ], id: "CVE-2017-15635", lastModified: "2024-11-21T03:14:55.230", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.360", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-outif en el archivo pptp_client.lua.", }, ], id: "CVE-2017-15614", lastModified: "2024-11-21T03:14:51.490", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.470", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-interface en el archivo phddns.lua.", }, ], id: "CVE-2017-15616", lastModified: "2024-11-21T03:14:51.893", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.547", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable pptphellointerval en el archivo pptp_client.lua.", }, ], id: "CVE-2017-15619", lastModified: "2024-11-21T03:14:52.477", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.690", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable lcpechointerval en el archivo pptp_server.lua.", }, ], id: "CVE-2017-15628", lastModified: "2024-11-21T03:14:54.057", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.047", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-ipgroup en el archivo session_limits.lua.", }, ], id: "CVE-2017-15633", lastModified: "2024-11-21T03:14:54.900", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.267", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable lcpechointerval en el archivo pptp_client.lua.", }, ], id: "CVE-2017-15615", lastModified: "2024-11-21T03:14:51.680", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.517", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable pptphellointerval en el archivo pptp_server.lua.", }, ], id: "CVE-2017-15637", lastModified: "2024-11-21T03:14:55.580", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.440", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-olmode en el archivo pptp_client.lua.", }, ], id: "CVE-2017-15625", lastModified: "2024-11-21T03:14:53.533", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.940", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-remotesubnet en el archivo pptp_client.lua.", }, ], id: "CVE-2017-15630", lastModified: "2024-11-21T03:14:54.407", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.157", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-interface en el archivo cmxddns.lua.", }, ], id: "CVE-2017-15613", lastModified: "2024-11-21T03:14:51.303", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:00.407", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*", matchCriteriaId: "278C3643-B4AE-451A-965C-65BFAE8CECBD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*", matchCriteriaId: "36AF5119-F739-4B43-B261-CA52A0C2B5F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "86222303-5481-4546-AEED-C8ED5B73F8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*", matchCriteriaId: "4D1162E8-F5F2-4E7E-BF88-55D038994157", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9FCC6106-736E-48C7-ACAD-FE1ED383360C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*", matchCriteriaId: "432E9087-81C6-404C-8295-186DD3969C04", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C8A589CE-C099-4C7D-A39C-BE0E332EA95C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*", matchCriteriaId: "A9835925-CD44-413E-9983-2F30BE450CAB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "FD80754F-99F0-40E4-A2D3-C0F8517CDE56", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*", matchCriteriaId: "303F25CE-4D51-4F39-9496-3C47AC6ED5CF", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9B535BDE-E116-47CF-82F8-FE6CD078435B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*", matchCriteriaId: "F6D4BBA6-28C6-43D4-8620-B73ED839DA67", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "305BB772-44D2-4313-AE12-4006D6A62787", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "88CE3100-8052-40CD-A1F3-2BE4B57CF06A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BAFDF620-5F58-4723-BE73-5FA2692F8AA9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8DA8E5D5-C09A-4A96-A094-82E055002376", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*", matchCriteriaId: "2645D464-741A-430B-AB55-1D2CB210AE4D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*", matchCriteriaId: "497980B8-E82E-4454-B20A-3C87620EC1EB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "73D91026-BE9A-46E6-B88C-1A51038A8372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "EC1C4019-C3F1-47EF-916C-C200D236A2A9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A470D0C1-1AEB-4DF7-A998-25293281526C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*", matchCriteriaId: "0590E940-8741-487D-ABA5-2135AE247AB5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9C617DB5-DC64-4207-AFD1-4D303C8626F2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*", matchCriteriaId: "DA140175-7625-4AC8-B9F6-6B827C2B1007", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B6706D9-62C6-4BFE-81BA-9BB413167918", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*", matchCriteriaId: "70787CE9-F74D-4824-BD32-9A062C40382C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4128E08C-186C-47AF-BE2A-0F46CB9123E4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*", matchCriteriaId: "15680718-C107-489F-873B-BF71D26C4EE0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A4C7EA70-B7FE-4A71-B015-450513F33C67", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*", matchCriteriaId: "BDDE9828-0F0A-4461-9873-6868DF577AA6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "504C2C9E-FC30-4130-9641-AADD9CAD1B92", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "486B9337-F576-4704-B870-58E0B99700D5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "83B16A78-CCAA-4B5A-B789-0F91758AADCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "51B89777-33AD-479A-9B5E-A10960FF6333", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "B93B8121-8665-46E1-927A-47614525C3BB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "A8FD219F-41A2-4396-B31E-C77885EEFA41", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*", matchCriteriaId: "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*", matchCriteriaId: "1D4965FF-4060-448B-A9AC-15E0A512D6CA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*", matchCriteriaId: "FE63F6F3-2D20-4819-A933-02BF30A5AAAE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*", matchCriteriaId: "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "20F7401A-DF90-411C-B69A-412DBD22F679", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*", matchCriteriaId: "B73FC044-921B-4B71-A957-F7321D42433D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8E083809-6C9E-4616-B232-68B7E1EAA742", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*", matchCriteriaId: "EF26756D-F6E2-46E0-9EB7-8F9855571E79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*", matchCriteriaId: "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "87D41070-B44C-414C-8E1C-3D814CC9F36B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*", matchCriteriaId: "780A3BE2-05DF-48A4-95C0-3F364C1677F3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "23169885-2D15-43F0-B2A9-373808A3B41E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*", matchCriteriaId: "BE167A7B-904D-4D32-9EFA-B9C43D4CE041", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "25221744-B24D-4715-8917-9B0BB25570AD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*", matchCriteriaId: "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*", matchCriteriaId: "6F5804FA-0FA2-4A99-9C5F-CBD746581E52", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*", matchCriteriaId: "39465064-E577-48A6-A07D-73CD59DB05FB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*", matchCriteriaId: "2B368D55-BE86-4D62-9AA3-63BEDECB84B4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*", matchCriteriaId: "9A254389-F0A7-47EE-B4B8-E7A673794A50", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*", matchCriteriaId: "2A552C2B-2588-4F82-8DF6-7B3E4CB88687", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "428DF7F6-D8AD-411C-8670-741E9A3B33DC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*", matchCriteriaId: "8060E869-8B2E-40A0-8161-BB40FE49D647", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*", matchCriteriaId: "A2EAF688-0CE3-4044-8963-6863B13613D0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*", matchCriteriaId: "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*", matchCriteriaId: "D038724E-45EE-4CF3-91F8-B65D8BA84469", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*", matchCriteriaId: "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.", }, { lang: "es", value: "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyección de comandos en la variable new-time en el archivo webfilter.lua.", }, ], id: "CVE-2017-15636", lastModified: "2024-11-21T03:14:55.403", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-01-11T16:29:01.393", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/541655/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }