Описание
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
Ссылки
- Broken Link
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Permissions Required
- ExploitPatchThird Party Advisory
- Broken Link
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Permissions Required
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.6.18p12 (включая)
Одновременно
cpe:2.3:o:tp-link:tl-sc_3130g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sc_3130g:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 1.6.18p12 (включая)
Одновременно
cpe:2.3:o:tp-link:tl-sc_3171g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sc_3171g:-:*:*:*:*:*:*:*
Конфигурация 3Версия до 1.6.18p12 (включая)
Одновременно
cpe:2.3:o:tp-link:tl-sc_4171g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-sc_4171g:-:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.22391
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
почти 4 года назад
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
EPSS
Процентиль: 96%
0.22391
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78