Vulnerability Description
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the iface field of an admin/diagnostic command to cgi-bin/luci, related to the zone_get_effect_devices function in /usr/lib/lua/luci/controller/admin/diagnostic.lua in uhttpd.
CVSS Score
8.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tp-Link | Tl-Wvr300 Firmware | - |
| Tp-Link | Tl-Wvr300 | - |
| Tp-Link | Tl-Wvr302 Firmware | - |
| Tp-Link | Tl-Wvr302 | - |
| Tp-Link | Tl-Wvr450 Firmware | - |
| Tp-Link | Tl-Wvr450 | - |
| Tp-Link | Tl-Wvr450L Firmware | - |
| Tp-Link | Tl-Wvr450L | - |
| Tp-Link | Tl-Wvr450G Firmware | - |
| Tp-Link | Tl-Wvr450G | - |
| Tp-Link | Tl-Wvr458 Firmware | - |
| Tp-Link | Tl-Wvr458 | - |
| Tp-Link | Tl-Wvr458L Firmware | - |
| Tp-Link | Tl-Wvr458L | - |
| Tp-Link | Tl-Wvr458P Firmware | - |
| Tp-Link | Tl-Wvr458P | - |
| Tp-Link | Tl-Wvr900G Firmware | - |
| Tp-Link | Tl-Wvr900G | - |
| Tp-Link | Tl-Wvr900L Firmware | - |
| Tp-Link | Tl-Wvr900L | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/101968 (Third Party Advisory, VDB Entry)
- https://github.com/coincoin7/Wireless-Router-Vulnerability/blob/master/TplinkDiaExploit (Third Party Advisory)
FAQ
What is CVE-2017-16957?
CVE-2017-16957 is a vulnerability with a CVSS score of 8.8 (HIGH). TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the iface field of an admin/diagnostic command to cgi-bin/luc...
How severe is CVE-2017-16957?
CVE-2017-16957 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-16957?
Check the references section above for vendor advisories and patch information. Affected products include: Tp-Link Tl-Wvr300 Firmware, Tp-Link Tl-Wvr300, Tp-Link Tl-Wvr302 Firmware, Tp-Link Tl-Wvr302, Tp-Link Tl-Wvr450 Firmware.