Critical severity9.9NVD Advisory· Published Apr 25, 2017· Updated Jun 17, 2026
CVE-2017-8220
CVE-2017-8220
Description
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:o:tp-link:c20i_firmware:*:rel.37961n:*:*:*:*:*:*Range: <=0.9.1_4.2_v0032.0_build_160706
- cpe:2.3:o:tp-link:c2_firmware:*:rel.37961n:*:*:*:*:*:*Range: <=0.9.1_4.2_v0032.0_build_160706
Patches
Vulnerability mechanics
References
1- pierrekim.github.io/blog/2017-02-09-tplink-c2-and-c20i-vulnerable.htmlnvdExploitTechnical DescriptionThird Party Advisory
News mentions
0No linked articles in our index yet.