Total
29922 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15629 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file. | |||||
| CVE-2017-15628 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file. | |||||
| CVE-2017-15627 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file. | |||||
| CVE-2017-15626 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file. | |||||
| CVE-2017-15625 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file. | |||||
| CVE-2017-15624 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file. | |||||
| CVE-2017-15623 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file. | |||||
| CVE-2017-15622 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file. | |||||
| CVE-2017-15621 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file. | |||||
| CVE-2017-15620 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file. | |||||
| CVE-2017-15619 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file. | |||||
| CVE-2017-15618 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file. | |||||
| CVE-2017-15617 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file. | |||||
| CVE-2017-15616 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file. | |||||
| CVE-2017-15615 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file. | |||||
| CVE-2017-15614 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file. | |||||
| CVE-2017-15613 | 1 Tp-link | 76 Er5110g, Er5110g Firmware, Er5120g and 73 more | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file. | |||||
| CVE-2017-15430 | 1 Google | 1 Chrome | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. | |||||
| CVE-2017-15391 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient Policy Enforcement in Extensions in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to access Extension pages without authorisation via a crafted HTML page. | |||||
| CVE-2017-15387 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient enforcement of Content Security Policy in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to open javascript: URL windows when they should not be allowed to via a crafted HTML page. | |||||