CVE-2018-12692

Опубликовано: 23 июн. 2018

Источник: nvd

CVSS3: 8.8

CVSS2: 6.5

EPSS Низкий

Описание

TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the wps_setup_pin parameter to /data/wps.setup.json.

Ссылки

https://medium.com/advisability/the-in-security-of-the-tp-link-technologies-tl-wa850re-wi-fi-range-extender-26db87a7a0cc
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/44912/
Exploit
Third Party Advisory
VDB Entry
https://medium.com/advisability/the-in-security-of-the-tp-link-technologies-tl-wa850re-wi-fi-range-extender-26db87a7a0cc
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/44912/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tp-link:tl-wa850re_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:tl-wa850re:5:*:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.07132

Низкий

8.8 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-78

Связанные уязвимости

GHSA-2jc5-4g6p-2928