Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tp-link Subscribe
Filtered by product Tl-wr802n Firmware
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-4144 1 Tp-link 2 Tl-wr802n, Tl-wr802n Firmware 2022-01-04 6.5 MEDIUM 8.8 HIGH
TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS command injection.
CVE-2021-29302 1 Tp-link 2 Tl-wr802n, Tl-wr802n Firmware 2021-04-21 9.3 HIGH 8.1 HIGH
TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. The attack vector is: The attacker can get shell of the router by sending a message through the network, which may lead to remote code execution.
CVE-2021-3275 1 Tp-link 10 Archer-c3150, Archer-c3150 Firmware, Td-w9977 and 7 more 2021-03-31 4.3 MEDIUM 6.1 MEDIUM
Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices through the improper validation of the hostname. Some of the pages including dhcp.htm, networkMap.htm, dhcpClient.htm, qsEdit.htm, and qsReview.htm and use this vulnerable hostname function (setDefaultHostname()) without sanitization.