1 results (0.001 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

A command injection issue was found in TP-Link MR3020 v.1_150921 that allows a remote attacker to execute arbitrary commands via a crafted request to the tftp endpoint. • https://github.com/B2eFly/Router/blob/main/TPLINK/MR3020/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •