CVE-2017-16959
Severity CVSS v4.0:
Pending analysis
Type:
CWE-22
Path Traversal
Publication date:
27/11/2017
Last modified:
20/04/2025
Description
The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allows remote authenticated users to test for the existence of arbitrary files by making an operation=write;locale=%0d request, and then making an operation=read request with a crafted Accept-Language HTTP header, related to the set_sysinfo and get_sysinfo functions in /usr/lib/lua/luci/controller/locale.lua in uhttpd.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
Base Score 2.0
4.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:tp-link:tl-wvr300_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:tp-link:tl-wvr300:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:tp-link:tl-wvr302_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:tp-link:tl-wvr302:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:tp-link:tl-wvr450_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:tp-link:tl-wvr450:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:tp-link:tl-wvr450l_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:tp-link:tl-wvr450l:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:tp-link:tl-wvr450g_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:tp-link:tl-wvr450g:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:tp-link:tl-wvr458_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:tp-link:tl-wvr458:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:tp-link:tl-wvr458l_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:tp-link:tl-wvr458l:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:tp-link:tl-wvr458p_firmware:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page