Authenticated Remote Code Execution in TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 Devices via Crafted JSON Data

CVE-2018-11481 · MEDIUM Severity

AV:N/AC:L/Au:S/C:P/I:P/A:P

TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices allow authenticated remote code execution via crafted JSON data because /usr/lib/lua/luci/torchlight/validator.lua does not block various punctuation characters.
