Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via webfilter.lua

Command Injection Vulnerability in TP-Link WVR, WAR, and ER Devices via webfilter.lua

CVE-2017-15636 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.

Learn more about our Web App Pen Testing.