Vulnerability Description
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/interface command to cgi-bin/luci, related to the get_device_byif function in /usr/lib/lua/luci/controller/admin/interface.lua in uhttpd.
CVSS Score
8.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| TP-Link | TL-ER5510G | v2 |
| TP-Link | TL-ER5520G | v2 |
| TP-Link | TL-ER6120G | v2 |
| TP-Link | TL-ER6520G | v2 |
| TP-Link | TL-R4239G | v2 |
| TP-Link | TL-R4299G | v2 |
| TP-Link | TL-R473 | v5 |
| TP-Link | TL-R478 | v6 |
| TP-Link | TL-R478+ | v7 |
| TP-Link | TL-R478G+ | v3 |
| TP-Link | TL-R483 | v5 |
| TP-Link | TL-R483G | v2 |
| TP-Link | TL-R488 | v5 |
| TP-Link | TL-WVR300 | v4 |
| TP-Link | TL-WVR302 | v2 |
| TP-Link | TL-WVR450G | v5 |
| TP-Link | TL-WVR900G | v3 |
| TP-Link | TL-WVR450 Firmware | - |
| TP-Link | TL-WVR450 | - |
| TP-Link | TL-WVR450L Firmware | - |
References
- https://github.com/coincoin7/Wireless-Router-Vulnerability/blob/master/TplinkInt (Issue Tracking)
FAQ
What is CVE-2017-16960?
CVE-2017-16960 is a vulnerability with a CVSS score of 8.8 (HIGH). TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindif field of an admin/interface command to cgi-bin/l...
How severe is CVE-2017-16960?
CVE-2017-16960 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2017-16960?
Check the references section above for vendor advisories and patch information. Affected products include: TP-Link TL-ER5510G, TP-Link TL-ER5520G, TP-Link TL-ER6120G, TP-Link TL-ER6520G, TP-Link TL-R4239G.