Command Injection Vulnerability in TP-Link Networking Devices
CVE-2017-15634
7.2HIGH
What is CVE-2017-15634?
TP-Link WVR, WAR, and ER series devices are susceptible to a command injection vulnerability. This security flaw allows authenticated remote administrators to execute arbitrary commands on the affected devices by exploiting a vulnerability in the name variable within the wportal.lua file. This issue poses significant risks to network integrity and device security, enabling attackers to manipulate system functions and gain unauthorized access.