Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-6487 PoC — TP-Link WDR Series 操作系统命令注入漏洞

Source
https://github.com/afang5472/TP-Link-WDR-Router-Command-injection_POC
Associated Vulnerability
Title:TP-Link WDR Series 操作系统命令注入漏洞 (CVE-2019-6487)
Description:TP-Link WDR Series是中国普联(TP-Link)公司的一款WDR系列无线路由器。 使用v3版本固件(例如:TL-WDR5620 V3.0版本)的TP-Link WDR Series中存在操作系统命令注入漏洞,该漏洞源于‘citycode’字段中包含了sehll元字符。远程攻击者可利用该漏洞执行代码。
Description
CVE-2019-6487. A command injection vulnerability in TP-Link WDR5620 Series up to verion 3.
File Snapshot

 [4.0K]  /data/pocs/74810de01aae575f1fb0546be24f443e3e853abd
└── [1.0K]  poc.py

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.