First published: Thu Jan 11 2018(Updated: )
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tp-link Tl-er5110g Firmware | ||
TP-Link TL-ER5110G | ||
TP-Link TL-ER5120G Firmware | ||
TP-Link TL-ER5120G | ||
TP-Link TL-ER5510G Firmware | ||
Tp-link Tl-er5510g | ||
Tp-link Tl-er5520g Firmware | ||
TP-Link TL-ER5520G | ||
TP-Link TL-R4149G Firmware | ||
TP-Link TL-R4149G | ||
TP-Link TL-R4239G Firmware | ||
TP-LINK TL-R4239G | ||
TP-Link TL-R4299G Firmware | ||
TP-Link TL-R4299G | ||
TP-LINK TL-R473GP-AC | ||
TP-LINK TL-R473GP-AC | ||
Tp-link Tl-r473g Firmware | ||
Tp-link R473g Firmware | ||
Tp-link Tl-r473p-ac Firmware | ||
Tp-link Tl-r473p-ac Firmware | ||
Tp-link Tl-r473g Firmware | ||
Tp-link R473g Firmware | ||
Tp-link R478g+ Firmware | ||
TP-Link R478G+ | ||
TP-Link TL-R478 Firmware | ||
TP-Link R478 | ||
TP-Link R478+ Firmware | ||
Tp-link R478+ | ||
Tp-link R483g | ||
TP-Link TL-R483G | ||
Tp-link Tl-r483 Firmware | ||
TP-Link TL-R483 | ||
TP-Link TL-R488 Firmware | ||
TP-Link TL-R488 | ||
TP-Link War1300L Firmware | ||
TP-Link War1300L Firmware | ||
TP-Link WAR1750L Firmware | ||
TP-Link WAR1750L Firmware | ||
TP-Link Archer WAR2600L | ||
Tp-link War2600l Firmware | ||
TP-Link WAR302 Firmware | ||
TP-Link WAR302 | ||
Tp-link Tl-war450 Firmware | ||
Tp-link Tl-war450 Firmware | ||
Tp-link Tl-war450 Firmware | ||
Tp-link Tl-war450 Firmware | ||
TP-Link WAR458L Firmware | ||
TP-Link WAR458L Firmware | ||
TP-Link WAR458L Firmware | ||
TP-Link WAR458L | ||
TP-Link WDR900L Firmware | ||
TP-Link War900L | ||
TP-Link TL-WVR1300G Firmware | ||
TP-Link WVR1300G | ||
Tp-link Tl-wvr1300l Firmware | ||
Tp-link Wvr1300l Firmware | ||
TP-Link TL-WVR1750L Firmware | ||
TP-Link WVR1750L | ||
TP-Link WVR2600L | ||
Tp-link Wvr2600l Firmware | ||
Tp-link Tl-wvr300 Firmware | ||
Tp-link Wvr300 Firmware | ||
TP-Link WVR302 Firmware | ||
TP-Link WVR302 Firmware | ||
TP-Link WVR4300L Firmware | ||
TP-Link WVR4300L Firmware | ||
TP-Link WVR450 Firmware | =1.0161125 | |
Tp-link Wvr450l Firmware | ||
TP-Link WVR450 Firmware | ||
TP-Link WVR450 Firmware | ||
TP-Link TL-WVR458L Firmware | ||
Tp-link Wvr458l Firmware | ||
TP-Link WVR900G Firmware | =3.0_170306 | |
TP-Link WVR900G Firmware | ||
TP-Link WVR900L Firmware | ||
TP-Link TL-WVR900L |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-15613 is classified as a high severity vulnerability due to its potential for remote command execution.
To fix CVE-2017-15613, update the affected TP-Link devices to the latest firmware version provided by the vendor.
CVE-2017-15613 affects various TP-Link WVR, WAR, and ER devices, specifically those with the vulnerable firmware versions.
CVE-2017-15613 allows attackers to execute arbitrary commands on the device due to command injection vulnerabilities.
CVE-2017-15613 requires remote authenticated access for exploitation, which makes it a concern for secured environments.