Authenticated RCE via Parental Control command injection

The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-life). It's recommending to purchase the new product to ensure better performance and security. If replacement is not an option in the short term, please use the second reference link to download and install the patch(es).

N/A

OS命令中使用的特殊元素转义处理不恰当(OS命令注入)

TP-LINK多款产品 安全漏洞

TP-LINK TL-WR841ND等都是中国普联（TP-LINK）公司的产品。TP-LINK TL-WR841ND是一款无线路由器。TP-Link Archer C7等都是中国普联（TP-Link）公司的产品。TP-Link Archer C7是一款路由器。TP-Link TL-WR841N是一款路由器。 TP-LINK多款产品存在安全漏洞，该漏洞源于家长控制页面处理不当，可能导致远程命令执行。以下产品及版本受到影响：TP-Link Archer C7(EU) V2 241108之前版本和TL-WR84

N/A

N/A