TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Er5110g_firmware |
Tp-link |
- |
- |
References