Filtered by vendor Tp-link
Subscribe
Total
262 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1389 | 1 Tp-link | 2 Archer Ax21, Archer Ax21 Firmware | 2023-03-21 | N/A | 8.8 HIGH |
| TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request. | |||||
| CVE-2023-23040 | 1 Tp-link | 2 Tl-wr940n, Tl-wr940n Firmware | 2023-03-03 | N/A | 7.5 HIGH |
| TP-Link router TL-WR940N V6 3.19.1 Build 180119 uses a deprecated MD5 algorithm to hash the admin password used for basic authentication. | |||||
| CVE-2023-0936 | 1 Tp-link | 1 Archer C50 | 2023-03-02 | N/A | 6.5 MEDIUM |
| A vulnerability was found in TP-Link Archer C50 V2_160801. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221552. | |||||
| CVE-2020-10884 | 1 Tp-link | 2 Ac1750, Ac1750 Firmware | 2023-02-15 | 5.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by default. This issue results from the use of hard-coded encryption key. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-9652. | |||||
| CVE-2020-10882 | 1 Tp-link | 2 Ac1750, Ac1750 Firmware | 2023-02-03 | 8.3 HIGH | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by default. When parsing the slave_mac parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9650. | |||||
| CVE-2020-10883 | 1 Tp-link | 2 Ac1750, Ac1750 Firmware | 2023-02-03 | 4.6 MEDIUM | 7.8 HIGH |
| This vulnerability allows local attackers to escalate privileges on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the file system. The issue lies in the lack of proper permissions set on the file system. An attacker can leverage this vulnerability to escalate privileges. Was ZDI-CAN-9651. | |||||
| CVE-2018-3948 | 1 Tp-link | 2 Tl-r600vpn, Tl-r600vpn Firmware | 2023-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticated or authenticated web request to trigger this vulnerability. | |||||
| CVE-2018-3949 | 1 Tp-link | 2 Tl-r600vpn, Tl-r600vpn Firmware | 2023-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an authenticated web request to trigger this vulnerability. | |||||
| CVE-2018-3950 | 1 Tp-link | 2 Tl-r600vpn, Tl-r600vpn Firmware | 2023-02-03 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. A specially crafted IP address can cause a stack overflow, resulting in remote code execution. An attacker can send a single authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2018-3951 | 1 Tp-link | 2 Tl-r600vpn, Tl-r600vpn Firmware | 2023-02-03 | 6.5 MEDIUM | 7.2 HIGH |
| An exploitable remote code execution vulnerability exists in the HTTP header-parsing function of the TP-Link TL-R600VPN HTTP Server. A specially crafted HTTP request can cause a buffer overflow, resulting in remote code execution on the device. An attacker can send an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-35576 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2023-02-02 | 9.0 HIGH | 8.8 HIGH |
| A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577. | |||||
| CVE-2019-19143 | 1 Tp-link | 2 Tl-wr849n, Tl-wr849n Firmware | 2023-02-01 | 4.1 MEDIUM | 6.1 MEDIUM |
| TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI. | |||||
| CVE-2022-41505 | 1 Tp-link | 2 Tapo C200 V1, Tapo C200 V1 Firmware | 2023-01-31 | N/A | 6.4 MEDIUM |
| An access control issue on TP-LInk Tapo C200 V1 devices allows physically proximate attackers to obtain root access by connecting to the UART pins, interrupting the boot process, and setting an init=/bin/sh value. | |||||
| CVE-2021-37774 | 1 Tp-link | 2 Tl-wdr7660, Tl-wdr7660 Firmware | 2023-01-27 | N/A | 8.0 HIGH |
| An issue was discovered in function httpProcDataSrv in TL-WDR7660 2.0.30 that allows attackers to execute arbitrary code. | |||||
| CVE-2023-22303 | 1 Tp-link | 2 Tl-sg105pe, Tl-sg105pe Firmware | 2023-01-24 | N/A | 9.8 CRITICAL |
| TP-Link SG105PE firmware prior to 'TL-SG105PE(UN) 1.0_1.0.0 Build 20221208' contains an authentication bypass vulnerability. Under the certain conditions, an attacker may impersonate an administrator of the product. As a result, information may be obtained and/or the product's settings may be altered with the privilege of the administrator. | |||||
| CVE-2020-12109 | 1 Tp-link | 14 Nc200, Nc200 Firmware, Nc210 and 11 more | 2023-01-20 | 9.0 HIGH | 8.8 HIGH |
| Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304. | |||||
| CVE-2022-4498 | 1 Tp-link | 4 Archer C5, Archer C5 Firmware, Tl-wr710n and 1 more | 2023-01-19 | N/A | 9.8 CRITICAL |
| In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution. | |||||
| CVE-2022-4499 | 1 Tp-link | 4 Archer C5, Archer C5 Firmware, Tl-wr710n and 1 more | 2023-01-19 | N/A | 7.5 HIGH |
| TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password. | |||||
| CVE-2022-48194 | 1 Tp-link | 2 Tl-wr902ac, Tl-wr902ac Firmware | 2023-01-09 | N/A | 8.8 HIGH |
| TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate. | |||||
| CVE-2022-46434 | 1 Tp-link | 2 Tl-wa7510n V1, Tl-wa7510n V1 Firmware | 2022-12-28 | N/A | 7.5 HIGH |
| An issue in the firmware update process of TP-Link TL-WA7510N v1 v3.12.6 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image. | |||||