VYPR

WVR, WAR and ER devices

by TP-Link

CVEs (7)

  • CVE-2017-15636HigJan 11, 2018
    risk 0.47cvss 7.2epss 0.04

    TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.

  • CVE-2017-15634HigJan 11, 2018
    risk 0.47cvss 7.2epss 0.04

    TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.

  • CVE-2017-15632HigJan 11, 2018
    risk 0.47cvss 7.2epss 0.03

    TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.

  • CVE-2017-15628HigJan 11, 2018
    risk 0.47cvss 7.2epss 0.04

    TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.

  • CVE-2017-15623HigJan 11, 2018
    risk 0.47cvss 7.2epss 0.04

    TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.

  • CVE-2017-15619HigJan 11, 2018
    risk 0.47cvss 7.2epss 0.04

    TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.

  • CVE-2017-15613HigJan 11, 2018
    risk 0.47cvss 7.2epss 0.04

    TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.