oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not the only function that calls util_execSystem.
References
Link | Resource |
---|---|
https://github.com/therealunicornsecurity/therealunicornsecurity.github.io/blob/master/_posts/2020-10-11-TPLink.md | Exploit Third Party Advisory |
https://therealunicornsecurity.github.io/TPLink/ | Exploit Third Party Advisory |
https://www.tp-link.com/fr/support/download/tl-wr840n/v6/#Firmware | Vendor Advisory |
https://github.com/therealunicornsecurity/therealunicornsecurity.github.io/blob/master/_posts/2020-10-11-TPLink.md | Exploit Third Party Advisory |
https://therealunicornsecurity.github.io/TPLink/ | Exploit Third Party Advisory |
https://www.tp-link.com/fr/support/download/tl-wr840n/v6/#Firmware | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 05:28
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/therealunicornsecurity/therealunicornsecurity.github.io/blob/master/_posts/2020-10-11-TPLink.md - Exploit, Third Party Advisory | |
References | () https://therealunicornsecurity.github.io/TPLink/ - Exploit, Third Party Advisory | |
References | () https://www.tp-link.com/fr/support/download/tl-wr840n/v6/#Firmware - Vendor Advisory |
Information
Published : 2021-01-06 21:15
Updated : 2024-11-21 05:28
NVD link : CVE-2020-36178
Mitre link : CVE-2020-36178
CVE.ORG link : CVE-2020-36178
JSON object : View
Products Affected
tp-link
- tl-wr840n_firmware
- tl-wr840n
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')