CVE-2020-10882 PoC — TP-Link Archer A7 AC1750 操作系统命令注入漏洞

Source

https://github.com/lnversed/CVE-2020-10882

Associated Vulnerability

Title:TP-Link Archer A7 AC1750 操作系统命令注入漏洞 (CVE-2020-10882)
Description:TP-Link Archer A7 AC1750是中国普联（TP-Link）公司的一款无线路由器。使用190726 AC1750版本固件的TP-Link Archer A7中的tdpServer服务存在操作系统命令注入漏洞，该漏洞源于在进行系统调用之前，程序没有正确验证用户提交的字符串。攻击者可利用该漏洞执行任意代码。

Description

cve based on vulnerable cisco's Archer A7 routers

File Snapshot


 [4.0K]  /data/pocs/cfe0c621a7a883e1b2976083ba8a421becca5432
├── [   0]  CVE-2020-10882.gpr
├── [4.0K]  CVE-2020-10882.rep
│   ├── [4.0K]  idata
│   │   ├── [4.0K]  00
│   │   │   ├── [4.0K]  ~00000000.db
│   │   │   │   └── [3.4M]  db.24.gbf
│   │   │   └── [ 483]  00000000.prp
│   │   ├── [  59]  ~index.bak
│   │   ├── [ 103]  ~index.dat
│   │   └── [  65]  ~journal.bak
│   ├── [ 157]  project.prp
│   ├── [4.0K]  user
│   │   └── [  59]  ~index.dat
│   └── [4.0K]  versioned
│       └── [  59]  ~index.dat
└── [ 221]  readme.md

6 directories, 10 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!