oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not the only function that calls util_execSystem.
References
Link | Resource |
---|---|
https://github.com/therealunicornsecurity/therealunicornsecurity.github.io/blob/master/_posts/2020-10-11-TPLink.md | Exploit Third Party Advisory |
https://therealunicornsecurity.github.io/TPLink/ | Exploit Third Party Advisory |
https://www.tp-link.com/fr/support/download/tl-wr840n/v6/#Firmware | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
12 Jan 2021, 14:38
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-78 | |
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
CPE | cpe:2.3:o:tp-link:tl-wr840n_firmware:6_eu_0.9.1_4.16:*:*:*:*:*:*:* cpe:2.3:h:tp-link:tl-wr840n:-:*:*:*:*:*:*:* |
|
References | (MISC) https://therealunicornsecurity.github.io/TPLink/ - Exploit, Third Party Advisory | |
References | (MISC) https://github.com/therealunicornsecurity/therealunicornsecurity.github.io/blob/master/_posts/2020-10-11-TPLink.md - Exploit, Third Party Advisory | |
References | (MISC) https://www.tp-link.com/fr/support/download/tl-wr840n/v6/#Firmware - Vendor Advisory |
06 Jan 2021, 23:15
Type | Values Removed | Values Added |
---|---|---|
Summary | oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not the only function that calls util_execSystem. |
06 Jan 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-01-06 21:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-36178
Mitre link : CVE-2020-36178
CVE.ORG link : CVE-2020-36178
JSON object : View
Products Affected
tp-link
- tl-wr840n_firmware
- tl-wr840n
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')