TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Er5110g_firmware |
Tp-link |
- (including) |
- (including) |
References