Arbitrary Command Execution Vulnerability in TP-Link WVR, WAR, and ER Devices
CVE-2017-15632 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.
Learn more about our Cis Benchmark Audit For Server Software.