First published: Mon Nov 27 2017(Updated: )
The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allows remote authenticated users to test for the existence of arbitrary files by making an operation=write;locale=%0d request, and then making an operation=read request with a crafted Accept-Language HTTP header, related to the set_sysinfo and get_sysinfo functions in /usr/lib/lua/luci/controller/locale.lua in uhttpd.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tp-link Tl-wvr300 Firmware | ||
Tp-link Tl-wvr300 | ||
Tp-link Tl-wvr302 Firmware | ||
Tp-link Tl-wvr302 | ||
Tp-link Tl-wvr450 Firmware | ||
Tp-link Tl-wvr450 | ||
Tp-link Tl-wvr450l Firmware | ||
Tp-link Tl-wvr450l | ||
Tp-link Tl-wvr450g Firmware | ||
Tp-link Tl-wvr450g | ||
Tp-link Tl-wvr458 Firmware | ||
Tp-link Tl-wvr458 | ||
Tp-link Tl-wvr458l Firmware | ||
Tp-link Tl-wvr458l | ||
Tp-link Tl-wvr458p Firmware | ||
Tp-link Tl-wvr458p | ||
Tp-link Tl-wvr900g Firmware | ||
Tp-link Tl-wvr900g | ||
Tp-link Tl-wvr900l Firmware | ||
Tp-link Tl-wvr900l | ||
Tp-link Tl-wvr1200l Firmware | ||
Tp-link Tl-wvr1200l | ||
Tp-link Tl-wvr1300l Firmware | ||
Tp-link Tl-wvr1300l | ||
Tp-link Tl-wvr1300g Firmware | ||
Tp-link Tl-war1300g | ||
Tp-link Tl-wvr1750l Firmware | ||
Tp-link Tl-wvr1750l | ||
Tp-link Tl-war2600l Firmware | ||
Tp-link Tl-wvr2600l | ||
Tp-link Tl-wvr4300l Firmware | ||
Tp-link Tl-wvr4300l | ||
Tp-link Tl-war302 Firmware | ||
Tp-link Tl-war302 | ||
Tp-link Tl-war450 Firmware | ||
Tp-link Tl-war450 | ||
Tp-link Tl-war450l Firmware | ||
Tp-link Tl-war450l | ||
Tp-link Tl-war458 Firmware | ||
Tp-link Tl-war458 | ||
Tp-link Tl-war458l Firmware | ||
Tp-link Tl-war458l | ||
Tp-link Tl-war900l Firmware | ||
Tp-link Tl-war900l | ||
Tp-link Tl-war1200l Firmware | ||
Tp-link Tl-war1200l | ||
Tp-link Tl-war1300l Firmware | ||
Tp-link Tl-war1300l | ||
Tp-link Tl-war1750l Firmware | ||
Tp-link Tl-war1750l | ||
Tp-link Tl-war2600l | ||
Tp-link Tl-er3210g Firmware | ||
Tp-link Tl-er3210g | ||
Tp-link Tl-er3220g Firmware | ||
Tp-link Tl-er3220g | ||
Tp-link Tl-er5110g Firmware | ||
Tp-link Tl-er5110g | ||
Tp-link Tl-er5120g Firmware | ||
Tp-link Tl-er5120g | ||
Tp-link Tl-er5510g Firmware | ||
Tp-link Tl-er5510g | ||
Tp-link Tl-er5520g Firmware | ||
Tp-link Tl-er5520g | ||
Tp-link Tl-er6110g Firmware | ||
Tp-link Tl-er6110g | ||
Tp-link Tl-er6120g Firmware | ||
Tp-link Tl-er6120g | ||
Tp-link Tl-er6220g Firmware | ||
Tp-link Tl-er6220g | ||
Tp-link Tl-er6510g Firmware | ||
Tp-link Tl-er6510g | ||
Tp-link Tl-er6520g Firmware | ||
Tp-link Tl-er6520g | ||
Tp-link Tl-er7520g Firmware | ||
Tp-link Tl-er7520g | ||
Tp-link Tl-r473 Firmware | ||
Tp-link Tl-r473 | ||
Tp-link Tl-r473g Firmware | ||
TP-LINK TL-R473G | ||
Tp-link Tl-r473p-ac Firmware | ||
Tp-link Tl-r473p-ac | ||
Tp-link Tl-r479gp-ac Firmware | ||
Tp-link Tl-r473gp-ac | ||
Tp-link Tl-r478 Firmware | ||
Tp-link Tl-r478 | ||
Tp-link Tl-r478\+ Firmware | ||
Tp-link Tl-r478\+ | ||
Tp-link Tl-r478g Firmware | ||
Tp-link Tl-r478g | ||
Tp-link Tl-r478g\+ Firmware | ||
Tp-link Tl-r478g\+ | ||
Tp-link Tl-r479p-ac Firmware | ||
Tp-link Tl-r479p-ac | ||
Tp-link Tl-r479gp-ac | ||
Tp-link Tl-r479gpe-ac Firmware | ||
Tp-link Tl-r479gpe-ac | ||
Tp-link Tl-r483 Firmware | ||
Tp-link Tl-r483 | ||
Tp-link Tl-r483g Firmware | ||
Tp-link Tl-r483g | ||
Tp-link Tl-r488 Firmware | ||
Tp-link Tl-r488 | ||
Tp-link Tl-r4149g Firmware | ||
Tp-link Tl-r4149g | ||
Tp-link Tl-r4239g Firmware | ||
Tp-link Tl-r4239g | ||
Tp-link Tl-r4299g Firmware | ||
Tp-link Tl-r4299g |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.