9
CVSSv2

CVE-2017-8220

Published: 25/04/2017 Updated: 03/10/2019
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 9.9 | Impact Score: 6 | Exploitability Score: 3.1
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data.

Affected Products

Vendor Product Versions
Tp-linkC20i Firmware0.9.1 4.2 V0032.0 Build 160706
Tp-linkC2 Firmware0.9.1 4.2 V0032.0 Build 160706