Vulnerability Description
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/bridge command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/bridge.lua in uhttpd.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| TP-Link | TL-WVR300 Firmware | - |
| TP-Link | TL-WVR300 | - |
| TP-Link | TL-WVR302 Firmware | - |
| TP-Link | TL-WVR302 | - |
| TP-Link | TL-WVR450 Firmware | - |
| TP-Link | TL-WVR450 | - |
| TP-Link | TL-WVR450L Firmware | - |
| TP-Link | TL-WVR450L | - |
| TP-Link | TL-WVR450G Firmware | - |
| TP-Link | TL-WVR450G | - |
| TP-Link | TL-WVR458 Firmware | - |
| TP-Link | TL-WVR458 | - |
| TP-Link | TL-WVR458L Firmware | - |
| TP-Link | TL-WVR458L | - |
| TP-Link | TL-WVR458P Firmware | - |
| TP-Link | TL-WVR458P | - |
| TP-Link | TL-WVR900G Firmware | - |
| TP-Link | TL-WVR900G | - |
| TP-Link | TL-WVR900L Firmware | - |
| TP-Link | TL-WVR900L | - |
References
- https://github.com/coincoin7/Wireless-Router-Vulnerability/blob/master/TplinkBriExploit Third Party Advisory
FAQ
What is CVE-2017-16958?
CVE-2017-16958 is a vulnerability with a CVSS score of 8.8 (HIGH). TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/bridge command to cgi-bin/luci...
How severe is CVE-2017-16958?
CVE-2017-16958 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-16958?
Check the references section above for vendor advisories and patch information. Affected products include: TP-Link TL-WVR300 Firmware, TP-Link TL-WVR300, TP-Link TL-WVR302 Firmware, TP-Link TL-WVR302, TP-Link TL-WVR450 Firmware.