TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data.
References
Link | Resource |
---|---|
https://pierrekim.github.io/blog/2017-02-09-tplink-c2-and-c20i-vulnerable.html | Exploit Technical Description Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:05
Updated: 2022-10-03T16:23:05
Reserved: 2022-10-03T00:00:00
Link: CVE-2017-8220
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-04-25T20:59:00.257
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-8220
JSON object: View
Redhat Information
No data.
CWE