TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices allow authenticated remote code execution via crafted JSON data because /usr/lib/lua/luci/torchlight/validator.lua does not block various punctuation characters.
References
Link | Resource |
---|---|
https://github.com/yough3rt/IOT-pwn-for-fun/blob/master/TP-LINK-websys-Authenticated-RCE | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-05-30T21:00:00
Updated: 2018-05-30T20:57:01
Reserved: 2018-05-25T00:00:00
Link: CVE-2018-11481
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-05-30T21:29:00.580
Modified: 2018-07-05T16:43:49.733
Link: CVE-2018-11481
JSON object: View
Redhat Information
No data.
CWE