Vulnerabilites related to tp-link - wvr1300g
cve-2017-15625
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.520Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15625",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.520Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15631
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15631",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15631",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15635
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15635",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15635",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15617
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15617",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15617",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15619
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15619",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15637
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15637",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15637",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.655Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15632
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15632",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15632",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15628
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15628",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15628",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.430Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15624
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15624",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15624",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15621
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15621",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15621",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.491Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15614
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15614",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15614",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15627
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15627",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15627",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15626
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15626",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15626",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15613
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.620Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15613",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15630
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.418Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15630",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15630",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.418Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15636
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15636",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15636",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15634
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15634",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15634",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15618
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15618",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15618",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15633
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15633",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15620
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15620",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15620",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15616
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15616",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15616",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15629
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15629",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15629",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15615
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15615",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15623
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.507Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15623",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15622
Vulnerability from cvelistv5
Published
2018-01-11 16:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/541655/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:27.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15622",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt",
"refsource": "MISC",
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"name": "20180110 Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15622",
"datePublished": "2018-01-11T16:00:00",
"dateReserved": "2017-10-19T00:00:00",
"dateUpdated": "2024-08-05T19:57:27.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-zone en el archivo ipmac_import.lua."
}
],
"id": "CVE-2017-15620",
"lastModified": "2024-11-21T03:14:52.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.737",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-enable en el archivo pptp_client.lua."
}
],
"id": "CVE-2017-15618",
"lastModified": "2024-11-21T03:14:52.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.643",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-tunnelname en el archivo pptp_client.lua."
}
],
"id": "CVE-2017-15629",
"lastModified": "2024-11-21T03:14:54.237",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.097",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-bindif en el archivo pptp_server.lua."
}
],
"id": "CVE-2017-15626",
"lastModified": "2024-11-21T03:14:53.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.970",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-mppeencryption en el archivo pptp_client.lua."
}
],
"id": "CVE-2017-15622",
"lastModified": "2024-11-21T03:14:53.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.813",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-enable en el archivo pptp_server.lua."
}
],
"id": "CVE-2017-15623",
"lastModified": "2024-11-21T03:14:53.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.860",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-authtype en el archivo pptp_server.lua."
}
],
"id": "CVE-2017-15624",
"lastModified": "2024-11-21T03:14:53.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.893",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-pns en el archivo pptp_client.lua."
}
],
"id": "CVE-2017-15627",
"lastModified": "2024-11-21T03:14:53.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.017",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable name en el archivo wportal.lua."
}
],
"id": "CVE-2017-15634",
"lastModified": "2024-11-21T03:14:55.070",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable iface en el archivo interface_wan.lua."
}
],
"id": "CVE-2017-15617",
"lastModified": "2024-11-21T03:14:52.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.610",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-mppeencryption en el archivo pptp_server.lua."
}
],
"id": "CVE-2017-15632",
"lastModified": "2024-11-21T03:14:54.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable olmode en el archivo interface_wan.lua."
}
],
"id": "CVE-2017-15621",
"lastModified": "2024-11-21T03:14:52.840",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.767",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-workmode en el archivo pptp_client.lua."
}
],
"id": "CVE-2017-15631",
"lastModified": "2024-11-21T03:14:54.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.190",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable max_conn en el archivo session_limits.lua."
}
],
"id": "CVE-2017-15635",
"lastModified": "2024-11-21T03:14:55.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.360",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-outif en el archivo pptp_client.lua."
}
],
"id": "CVE-2017-15614",
"lastModified": "2024-11-21T03:14:51.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.470",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-interface en el archivo phddns.lua."
}
],
"id": "CVE-2017-15616",
"lastModified": "2024-11-21T03:14:51.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.547",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable pptphellointerval en el archivo pptp_client.lua."
}
],
"id": "CVE-2017-15619",
"lastModified": "2024-11-21T03:14:52.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.690",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable lcpechointerval en el archivo pptp_server.lua."
}
],
"id": "CVE-2017-15628",
"lastModified": "2024-11-21T03:14:54.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.047",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-ipgroup en el archivo session_limits.lua."
}
],
"id": "CVE-2017-15633",
"lastModified": "2024-11-21T03:14:54.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.267",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable lcpechointerval en el archivo pptp_client.lua."
}
],
"id": "CVE-2017-15615",
"lastModified": "2024-11-21T03:14:51.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.517",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable pptphellointerval en el archivo pptp_server.lua."
}
],
"id": "CVE-2017-15637",
"lastModified": "2024-11-21T03:14:55.580",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.440",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-olmode en el archivo pptp_client.lua."
}
],
"id": "CVE-2017-15625",
"lastModified": "2024-11-21T03:14:53.533",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.940",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-remotesubnet en el archivo pptp_client.lua."
}
],
"id": "CVE-2017-15630",
"lastModified": "2024-11-21T03:14:54.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.157",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-interface en el archivo cmxddns.lua."
}
],
"id": "CVE-2017-15613",
"lastModified": "2024-11-21T03:14:51.303",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:00.407",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-01-11 16:29
Modified
2024-11-21 03:14
Severity ?
Summary
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/541655/100/0/threaded | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt | Exploit, Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5110g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD1EE64D-3AAB-45B5-AD01-7126FBF1B803",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5110g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "278C3643-B4AE-451A-965C-65BFAE8CECBD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5120g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4EEA4ED-3527-46A5-8E55-8EC13ED2AE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5120g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AF5119-F739-4B43-B261-CA52A0C2B5F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5510g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86222303-5481-4546-AEED-C8ED5B73F8AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5510g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1162E8-F5F2-4E7E-BF88-55D038994157",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:er5520g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FCC6106-736E-48C7-ACAD-FE1ED383360C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:er5520g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "432E9087-81C6-404C-8295-186DD3969C04",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4149g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A589CE-C099-4C7D-A39C-BE0E332EA95C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4149g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9835925-CD44-413E-9983-2F30BE450CAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4239g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD80754F-99F0-40E4-A2D3-C0F8517CDE56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4239g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "303F25CE-4D51-4F39-9496-3C47AC6ED5CF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r4299g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B535BDE-E116-47CF-82F8-FE6CD078435B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r4299g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D4BBA6-28C6-43D4-8620-B73ED839DA67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473gp-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "305BB772-44D2-4313-AE12-4006D6A62787",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473gp-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88CE3100-8052-40CD-A1F3-2BE4B57CF06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAFDF620-5F58-4723-BE73-5FA2692F8AA9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB678C70-BEB9-4DE8-8CE7-8F9069599FBA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473p-ac_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA8E5D5-C09A-4A96-A094-82E055002376",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473p-ac:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2645D464-741A-430B-AB55-1D2CB210AE4D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r473_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB0DFB48-8E2D-49B5-8AC9-4E44E02FB736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r473:-:*:*:*:*:*:*:*",
"matchCriteriaId": "497980B8-E82E-4454-B20A-3C87620EC1EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478g\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D91026-BE9A-46E6-B88C-1A51038A8372",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478g\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1C4019-C3F1-47EF-916C-C200D236A2A9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A470D0C1-1AEB-4DF7-A998-25293281526C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0590E940-8741-487D-ABA5-2135AE247AB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r478\\+_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C617DB5-DC64-4207-AFD1-4D303C8626F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r478\\+:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA140175-7625-4AC8-B9F6-6B827C2B1007",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6706D9-62C6-4BFE-81BA-9BB413167918",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70787CE9-F74D-4824-BD32-9A062C40382C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r483_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4128E08C-186C-47AF-BE2A-0F46CB9123E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r483:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15680718-C107-489F-873B-BF71D26C4EE0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:r488_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C7EA70-B7FE-4A71-B015-450513F33C67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:r488:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDDE9828-0F0A-4461-9873-6868DF577AA6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "504C2C9E-FC30-4130-9641-AADD9CAD1B92",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9ED6DC-305A-4330-BB07-E6AE5E819ADE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "486B9337-F576-4704-B870-58E0B99700D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B16A78-CCAA-4B5A-B789-0F91758AADCD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51B89777-33AD-479A-9B5E-A10960FF6333",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B93B8121-8665-46E1-927A-47614525C3BB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8FD219F-41A2-4396-B31E-C77885EEFA41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4D6462-8FEB-468B-8DDE-36C93AB3F42E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A24D45-C8EE-41A7-A1C4-AC68BF25FFF5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4965FF-4060-448B-A9AC-15E0A512D6CA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "636CD6F5-E9A0-41BB-8B8D-2EA3BEF251AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE63F6F3-2D20-4819-A933-02BF30A5AAAE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E0FD9C-4A8E-4B58-ACEE-46FE8C4C35AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C69C7A7D-4B01-47D9-9E9A-FECBE461B3AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war458_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20F7401A-DF90-411C-B69A-412DBD22F679",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war458:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73FC044-921B-4B71-A957-F7321D42433D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:war900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E083809-6C9E-4616-B232-68B7E1EAA742",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:war900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF26756D-F6E2-46E0-9EB7-8F9855571E79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCAA658D-26D5-4F2C-9E81-51CCFEB68A6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB5CBD58-E84A-4A11-BCFC-1ECF338464B1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D41070-B44C-414C-8E1C-3D814CC9F36B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "780A3BE2-05DF-48A4-95C0-3F364C1677F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr1750l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23169885-2D15-43F0-B2A9-373808A3B41E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr1750l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE167A7B-904D-4D32-9EFA-B9C43D4CE041",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr2600l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25221744-B24D-4715-8917-9B0BB25570AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr2600l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CE3ACE-8426-4CC5-AB83-32E4FB50D5AE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9ACD18-0D23-4807-98F1-AF441F6DD8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F5804FA-0FA2-4A99-9C5F-CBD746581E52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr302_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FFD4F10-46B2-48C5-A3D0-82A3B26C097B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39465064-E577-48A6-A07D-73CD59DB05FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr4300l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDA6DD1-48AB-410C-AFFA-CB275EEF8D3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr4300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B368D55-BE86-4D62-9AA3-63BEDECB84B4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450l_firmware:1.0161125:*:*:*:*:*:*:*",
"matchCriteriaId": "9A254389-F0A7-47EE-B4B8-E7A673794A50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A552C2B-2588-4F82-8DF6-7B3E4CB88687",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "428DF7F6-D8AD-411C-8670-741E9A3B33DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8060E869-8B2E-40A0-8161-BB40FE49D647",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr458l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B1DED3A-BCDC-4550-A6C5-6CE5652BD7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr458l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2EAF688-0CE3-4044-8963-6863B13613D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900g_firmware:3.0_170306:*:*:*:*:*:*:*",
"matchCriteriaId": "D3DFBD9E-DD1C-41D2-8D06-A4DE287697ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D038724E-45EE-4CF3-91F8-B65D8BA84469",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:wvr900l_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA42694D-F4DA-432A-9AFE-9E2ADDE31BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:wvr900l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9C69EF-EFAC-45AB-A79C-1E0C5811B226",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file."
},
{
"lang": "es",
"value": "Los dispositivos TP-Link WVR, WAR y ER permiten que administradores autenticados remotos ejecuten comandos arbitrarios mediante inyecci\u00f3n de comandos en la variable new-time en el archivo webfilter.lua."
}
],
"id": "CVE-2017-15636",
"lastModified": "2024-11-21T03:14:55.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-01-11T16:29:01.393",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/541655/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/chunibalon/Vulnerability/blob/master/CVE-2017-15613_to_CVE-2017-15637.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}