CVE-2017-8220

CRITICAL(9.0)

AV:N/AC:L/Au:S/C:C/I:C/A:C

Risk Signal Score33/100 — MITTEL

CVSS 9 — Kritisch
EPSS 36%

EPSS-Score

36%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

Technische Schwere

Beschreibung

TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data.

Referenzen

https://pierrekim.github.io/blog/2017-02-09-tplink-c2-and-c20i-vulnerable.html
https://pierrekim.github.io/blog/2017-02-09-tplink-c2-and-c20i-vulnerable.html