Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via wportal.lua File
CVE-2017-15634 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.
Learn more about our Web Application Penetration Testing UK.