TP-Link TL-WVR4300L FIRMWARE
Approved changes feed: RSS · Atom
cpe:2.3:o:tp-link:tl-wvr4300l_firmware:-:*:*:*:*:*:*:*
part: o version: - update: *
| Vendor | Tp Link (0b2e1553-ac8b-5981-a60b-ca6c27ee3a6e) |
|---|---|
| Product | Tl Wvr4300L Firmware (4cd1cf43-05de-53bd-8791-0640cad36a66) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-17758 |
vulnerable | 2026-06-03 14:36:55.811513 |
Details available
TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the interface field of an admin/dhcps command to cgi-bin/luci, related to the zone_get_iface_bydev function in /usr/lib/lua/luci/controller/admin/dhcps.lua in uhttpd.
Published: 2017-12-19T07:00:00.000Z
Updated: 2024-08-05T20:59:17.724Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-17757 |
vulnerable | 2026-06-03 14:36:55.810359 |
Details available
TP-Link TL-WVR and TL-WAR devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the interface field of an admin/wportal command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/wportal.lua in uhttpd.
Published: 2017-12-19T07:00:00.000Z
Updated: 2024-08-05T20:59:17.960Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16960 |
vulnerable | 2026-06-03 14:36:53.763109 |
Details available
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/interface command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/interface.lua in uhttpd.
Published: 2017-11-27T10:00:00.000Z
Updated: 2024-08-05T20:43:59.342Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16959 |
vulnerable | 2026-06-03 14:36:53.726385 |
Details available
The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allows remote authenticated users to test for the existence of arbitrary files by making an operation=write;locale=%0d request, and then making an operation=read request with a crafted Accept-Language HTTP header, related to the set_sysinfo and get_sysinfo functions in /usr/lib/lua/luci/controller/locale.lua in uhttpd.
Published: 2017-11-27T10:00:00.000Z
Updated: 2024-08-05T20:43:57.857Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16958 |
vulnerable | 2026-06-03 14:36:53.723100 |
Details available
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/bridge command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/bridge.lua in uhttpd.
Published: 2017-11-27T10:00:00.000Z
Updated: 2024-08-05T20:43:57.837Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16957 |
vulnerable | 2026-06-03 14:36:53.683291 |
Details available
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the iface field of an admin/diagnostic command to cgi-bin/luci, related to the zone_get_effect_devices function in /usr/lib/lua/luci/controller/admin/diagnostic.lua in uhttpd.
Published: 2017-11-27T10:00:00.000Z
Updated: 2024-08-05T20:43:57.829Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.