Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-41653 PoC — Tp-link TL-WR840N 代码注入漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-41653.yaml
Associated Vulnerability
Title:Tp-link TL-WR840N 代码注入漏洞 (CVE-2021-41653)
Description:Tp-link TL-WR840N是中国普联(Tp-link)公司的一款无线路由器。 TP-Link TL-WR840N EU v5路由器 TL-WR840N(EU) v5 171211固件之前版本存在安全漏洞,设备中的PING功能对于IP地址提交的数据缺少过滤和转义,容易受到通过IP地址输入字段中精心制作的负载的远程代码执行的攻击。
Description
The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a specially crafted payload in an IP address input field.
File Snapshot

 id: CVE-2021-41653

info:
  name: TP-Link - OS Command Injection
  author: gy741
  severity: critica

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.