CVE-2022-25064 PoC — Tp-link TL-WR840N 操作系统命令注入漏洞

Source

https://github.com/exploitwritter/CVE-2022-25064

Associated Vulnerability

Title:Tp-link TL-WR840N 操作系统命令注入漏洞 (CVE-2022-25064)
Description:TP-LINK TL-WR840N是中国普联（TP-LINK）公司的一款无线路由器。 TP-LINK TL-WR840存在操作系统命令注入漏洞，该漏洞源于通过oal wan6 setIpAddr函数被发现包含一个远程代码执行(RCE)漏洞。

Description

This script exploits a remote command execution vulnerability in the TPLink WR840N router, using the configure function IPv6 protocol.

Readme

# CVE-2022-25064
This script exploits a OS Command Injection vulnerability in the TPLink WR840N router, using the configure function IPv6 protocol.

File Snapshot


 [4.0K]  /data/pocs/dfc98c5cd6d716a143dc159e565f67c504fa7809
├── [3.3K]  CVE-2022-25064.py
├── [ 148]  README.md
└── [1.5K]  reverse_shell_mipsle.c

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!