TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Er5110g_firmware | Tp-link | - (including) | - (including) |