Remote Command Execution Vulnerability in TP-Link TL-WR849N 0.9.1 4.16 Diagnostics Panel
CVE-2020-9374 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.
Learn more about our Web Application Penetration Testing UK.