TP-Link
Monthly
Critical buffer overflow vulnerability in TOTOLINK EX1200T firmware version 4.1.2cu.5232_B20210713 affecting the HTTP POST request handler in the /boafrm/formSaveConfig endpoint. An authenticated remote attacker can exploit improper input validation on the 'submit-url' parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code exists, increasing real-world exploitation risk.
Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler for the /boafrm/formWirelessTbl endpoint. An authenticated attacker can exploit the submit-url parameter to achieve remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Public proof-of-concept code is available, and this vulnerability may be actively exploited in the wild.
A buffer overflow vulnerability in TOTOLINK EX1200T (CVSS 8.8). Risk factors: public PoC available.
Critical buffer overflow vulnerability in TOTOLINK EX1200T routers (firmware versions up to 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler at endpoint /boafrm/formWsc. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability). The vulnerability has public exploit code available and may be actively exploited in the wild.
Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless routers (up to firmware version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler for the /boafrm/formReflashClientTbl endpoint. An authenticated attacker can remotely exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability violations. Public exploit code has been disclosed, making this an active threat with demonstrated proof-of-concept availability.
Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless routers (up to version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler for the /boafrm/formIpQoS endpoint. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability). The exploit has been publicly disclosed and proof-of-concept code is available, making this a high-priority threat for affected deployments.
Critical buffer overflow vulnerability in TOTOLINK EX1200T routers (firmware versions up to 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler at the /boafrm/formFilter endpoint. An authenticated remote attacker can exploit this vulnerability to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has been publicly disclosed with exploit code available, creating immediate risk for deployed devices.
Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the WiFi repeater configuration function. An authenticated remote attacker can exploit this vulnerability by sending a malicious POST request with an oversized Password parameter to /cgi-bin/cstecgi.cgi, achieving complete compromise of the device including arbitrary code execution. Public disclosure and proof-of-concept code availability significantly elevate real-world risk despite requiring authenticated access.
A critical buffer overflow vulnerability exists in TOTOLINK T10 firmware version 4.1.8cu.5207 in the setWiFiMeshName function of the POST request handler (/cgi-bin/cstecgi.cgi). An authenticated remote attacker can overflow the device_name parameter to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability impact). Public exploit code is available, elevating real-world risk despite the requirement for authenticated access.
Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the setWiFiAclRules function in the POST request handler (/cgi-bin/cstecgi.cgi). An authenticated attacker can remotely exploit this vulnerability by manipulating the 'desc' parameter to achieve code execution with full system compromise (confidentiality, integrity, and availability impact). A public proof-of-concept exists, elevating real-world exploitation risk despite requiring low-privilege authentication.
Critical remote buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the setUpgradeFW function in the POST request handler. An authenticated remote attacker can exploit improper input validation on the slaveIpList parameter to achieve complete system compromise with high confidentiality, integrity, and availability impact. The vulnerability has public exploit code available and represents an actively exploitable threat.
Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the UploadCustomModule function in the POST request handler at /cgi-bin/cstecgi.cgi. An authenticated remote attacker can exploit this vulnerability by manipulating the File argument to achieve buffer overflow, resulting in complete system compromise (confidentiality, integrity, and availability). The vulnerability has public exploit disclosure and represents an immediate threat to affected devices.
A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available.
A critical buffer overflow vulnerability exists in TOTOLINK EX1200T firmware version 4.1.2cu.5232_B20210713 in the HTTP POST request handler for the /boafrm/formPortFw endpoint. An authenticated attacker can exploit this by manipulating the 'service_type' parameter to achieve remote code execution with high impact to confidentiality, integrity, and availability (CVSS 8.8). Public exploits are available, making this an active threat.
A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.
Critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST request handler for the /boafrm/formIpQoS endpoint. An authenticated remote attacker can exploit improper input validation on the 'mac' parameter to achieve buffer overflow, resulting in complete compromise of confidentiality, integrity, and availability (CIA triad). Public exploit disclosure and proof-of-concept availability significantly elevate real-world exploitation risk.
A critical buffer overflow vulnerability exists in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST request handler in the /boafrm/formPortFw endpoint. An authenticated attacker can exploit the unsanitized 'service_type' parameter to trigger a buffer overflow, achieving remote code execution with high impact on confidentiality, integrity, and availability. Public exploit code is available and the vulnerability meets criteria for active exploitation risk.
Critical buffer overflow vulnerability in TOTOLINK X15 router firmware version 1.0.0-B20230714.1105, affecting the HTTP POST request handler at endpoint /boafrm/formReflashClientTbl. An authenticated remote attacker can exploit improper argument validation in the 'submit-url' parameter to achieve complete system compromise including confidentiality, integrity, and availability breaches. Public exploit code exists and the vulnerability meets CISA KEV criteria for active exploitation risk.
Critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST request handler at endpoint /boafrm/formWsc. An authenticated remote attacker can exploit this via a malicious 'submit-url' parameter to achieve remote code execution with high impact on confidentiality, integrity, and availability. Public exploit code is available, creating immediate risk for affected deployments.
Critical buffer overflow vulnerability in TOTOLINK X15 1.0.0-B20230714.1105 affecting the DMZ configuration HTTP POST handler. An authenticated attacker can exploit a malformed 'submit-url' parameter in the /boafrm/formDMZ endpoint to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). A proof-of-concept exploit has been publicly disclosed, and the vulnerability may be actively exploited in the wild.
A critical buffer overflow vulnerability exists in TOTOLINK X15 firmware version 1.0.0-B20230714.1105, affecting the HTTP POST request handler in the /boafrm/formSaveConfig endpoint. An authenticated attacker can exploit the unsanitized 'submit-url' parameter to trigger a buffer overflow, potentially achieving remote code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has been publicly disclosed with exploit proof-of-concept available, creating immediate real-world risk.
Critical buffer overflow vulnerability in TOTOLINK X15 router (firmware version 1.0.0-B20230714.1105) affecting the HTTP POST request handler at endpoint /boafrm/formStats. An authenticated remote attacker can exploit improper input validation on the 'submit-url' parameter to trigger a buffer overflow, achieving remote code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code is available and the vulnerability is actively exploitable.
Critical remote buffer overflow vulnerability in TOTOLINK X15 router (firmware version 1.0.0-B20230714.1105) affecting the HTTP POST request handler at endpoint /boafrm/formDosCfg. An authenticated attacker can exploit improper input validation of the 'submit-url' parameter to achieve buffer overflow, leading to complete system compromise including confidentiality, integrity, and availability breaches. A public proof-of-concept exploit exists, increasing real-world exploitation risk.
A critical buffer overflow vulnerability exists in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the NTP configuration handler (/boafrm/formNtp). An authenticated attacker can remotely trigger a buffer overflow via the 'submit-url' parameter in HTTP POST requests, achieving remote code execution with high confidentiality, integrity, and availability impact. Public exploit code is available and the vulnerability meets active exploitation criteria.
Critical buffer overflow vulnerability in TOTOLINK X15 wireless router (firmware version 1.0.0-B20230714.1105) affecting the HTTP POST request handler for the /boafrm/formSetLg endpoint. An authenticated attacker can exploit the 'submit-url' parameter to trigger a buffer overflow, achieving remote code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code has been disclosed, making this an actively exploitable vulnerability with demonstrated proof-of-concept.
Critical buffer overflow vulnerability in TOTOLINK X15 router firmware (version 1.0.0-B20230714.1105) affecting the HTTP POST request handler for the /boafrm/formWlanRedirect endpoint. An authenticated attacker can remotely exploit this vulnerability by manipulating the 'redirect-url' parameter to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability impact). The vulnerability has been publicly disclosed with exploit code available, significantly increasing real-world exploitation risk.
Critical remote buffer overflow vulnerability in TOTOLINK N302R Plus routers up to version 3.4.0-B20201028, affecting the HTTP POST request handler in the /boafrm/formFilter endpoint. An authenticated attacker can remotely exploit this vulnerability by manipulating the 'url' parameter to achieve buffer overflow, resulting in complete compromise of confidentiality, integrity, and availability (CIA triad fully compromised). The vulnerability has public exploit disclosure and represents an active real-world threat to deployed TOTOLINK router infrastructure.
A critical buffer overflow vulnerability exists in TOTOLINK N302R Plus router firmware (versions up to 3.4.0-B20201028) in the HTTP POST request handler for the /boafrm/formPortFw endpoint. An authenticated remote attacker can exploit this by manipulating the 'service_type' parameter to cause buffer overflow, achieving remote code execution with high confidentiality, integrity, and availability impact. Public exploit code is available and the vulnerability shows strong indicators of active exploitation risk.
Buffer overflow in TOTOLINK EX1200T via setLanguageCfg. EPSS 0.52%. PoC available.
Stack-based buffer overflow vulnerability in the 'conn-indicator' binary running as root on the TP-Link Archer AX50 router, in firmware versions prior to 1.0.15 build 241203 rel61480. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A stored cross-site scripting (XSS) vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 <= Build 241230 Rel. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required. No vendor patch available.
A vulnerability in the TP-Link Archer c20 router with firmware version V6.6_230412 and earlier permits unauthorized individuals to bypass the authentication of some interfaces under the /cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 48.8%.
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11, triggered by the dnsserver1 and dnsserver2 parameters at /userRpm/WanSlaacCfgRpm.htm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and password parameters at /userRpm/PPPoEv6CfgRpm.htm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'gw' parameter at /userRpm/WanDynamicIpV6CfgRpm.htm. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the pskSecret parameter at /userRpm/WlanSecurityRpm.htm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'ip' parameter at /userRpm/WanStaticIpV6CfgRpm.htm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The TP-Link Archer A20 v3 router is vulnerable to Cross-site Scripting (XSS) due to improper handling of directory listing paths in the web interface. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Critical buffer overflow vulnerability in TOTOLINK EX1200T firmware version 4.1.2cu.5232_B20210713 affecting the HTTP POST request handler in the /boafrm/formSaveConfig endpoint. An authenticated remote attacker can exploit improper input validation on the 'submit-url' parameter to achieve arbitrary code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code exists, increasing real-world exploitation risk.
Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless router (version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler for the /boafrm/formWirelessTbl endpoint. An authenticated attacker can exploit the submit-url parameter to achieve remote code execution with high confidentiality, integrity, and availability impact (CVSS 8.8). Public proof-of-concept code is available, and this vulnerability may be actively exploited in the wild.
A buffer overflow vulnerability in TOTOLINK EX1200T (CVSS 8.8). Risk factors: public PoC available.
Critical buffer overflow vulnerability in TOTOLINK EX1200T routers (firmware versions up to 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler at endpoint /boafrm/formWsc. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability). The vulnerability has public exploit code available and may be actively exploited in the wild.
Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless routers (up to firmware version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler for the /boafrm/formReflashClientTbl endpoint. An authenticated attacker can remotely exploit this vulnerability to achieve complete system compromise including confidentiality, integrity, and availability violations. Public exploit code has been disclosed, making this an active threat with demonstrated proof-of-concept availability.
Critical buffer overflow vulnerability in TOTOLINK EX1200T wireless routers (up to version 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler for the /boafrm/formIpQoS endpoint. An authenticated remote attacker can exploit this vulnerability to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability). The exploit has been publicly disclosed and proof-of-concept code is available, making this a high-priority threat for affected deployments.
Critical buffer overflow vulnerability in TOTOLINK EX1200T routers (firmware versions up to 4.1.2cu.5232_B20210713) affecting the HTTP POST request handler at the /boafrm/formFilter endpoint. An authenticated remote attacker can exploit this vulnerability to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has been publicly disclosed with exploit code available, creating immediate risk for deployed devices.
Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the WiFi repeater configuration function. An authenticated remote attacker can exploit this vulnerability by sending a malicious POST request with an oversized Password parameter to /cgi-bin/cstecgi.cgi, achieving complete compromise of the device including arbitrary code execution. Public disclosure and proof-of-concept code availability significantly elevate real-world risk despite requiring authenticated access.
A critical buffer overflow vulnerability exists in TOTOLINK T10 firmware version 4.1.8cu.5207 in the setWiFiMeshName function of the POST request handler (/cgi-bin/cstecgi.cgi). An authenticated remote attacker can overflow the device_name parameter to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability impact). Public exploit code is available, elevating real-world risk despite the requirement for authenticated access.
Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the setWiFiAclRules function in the POST request handler (/cgi-bin/cstecgi.cgi). An authenticated attacker can remotely exploit this vulnerability by manipulating the 'desc' parameter to achieve code execution with full system compromise (confidentiality, integrity, and availability impact). A public proof-of-concept exists, elevating real-world exploitation risk despite requiring low-privilege authentication.
Critical remote buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the setUpgradeFW function in the POST request handler. An authenticated remote attacker can exploit improper input validation on the slaveIpList parameter to achieve complete system compromise with high confidentiality, integrity, and availability impact. The vulnerability has public exploit code available and represents an actively exploitable threat.
Critical buffer overflow vulnerability in TOTOLINK T10 firmware version 4.1.8cu.5207 affecting the UploadCustomModule function in the POST request handler at /cgi-bin/cstecgi.cgi. An authenticated remote attacker can exploit this vulnerability by manipulating the File argument to achieve buffer overflow, resulting in complete system compromise (confidentiality, integrity, and availability). The vulnerability has public exploit disclosure and represents an immediate threat to affected devices.
A buffer overflow vulnerability in A vulnerability classified as critical (CVSS 8.8). Risk factors: public PoC available.
A critical buffer overflow vulnerability exists in TOTOLINK EX1200T firmware version 4.1.2cu.5232_B20210713 in the HTTP POST request handler for the /boafrm/formPortFw endpoint. An authenticated attacker can exploit this by manipulating the 'service_type' parameter to achieve remote code execution with high impact to confidentiality, integrity, and availability (CVSS 8.8). Public exploits are available, making this an active threat.
A buffer overflow vulnerability (CVSS 8.8). Risk factors: public PoC available.
Critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST request handler for the /boafrm/formIpQoS endpoint. An authenticated remote attacker can exploit improper input validation on the 'mac' parameter to achieve buffer overflow, resulting in complete compromise of confidentiality, integrity, and availability (CIA triad). Public exploit disclosure and proof-of-concept availability significantly elevate real-world exploitation risk.
A critical buffer overflow vulnerability exists in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST request handler in the /boafrm/formPortFw endpoint. An authenticated attacker can exploit the unsanitized 'service_type' parameter to trigger a buffer overflow, achieving remote code execution with high impact on confidentiality, integrity, and availability. Public exploit code is available and the vulnerability meets criteria for active exploitation risk.
Critical buffer overflow vulnerability in TOTOLINK X15 router firmware version 1.0.0-B20230714.1105, affecting the HTTP POST request handler at endpoint /boafrm/formReflashClientTbl. An authenticated remote attacker can exploit improper argument validation in the 'submit-url' parameter to achieve complete system compromise including confidentiality, integrity, and availability breaches. Public exploit code exists and the vulnerability meets CISA KEV criteria for active exploitation risk.
Critical buffer overflow vulnerability in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the HTTP POST request handler at endpoint /boafrm/formWsc. An authenticated remote attacker can exploit this via a malicious 'submit-url' parameter to achieve remote code execution with high impact on confidentiality, integrity, and availability. Public exploit code is available, creating immediate risk for affected deployments.
Critical buffer overflow vulnerability in TOTOLINK X15 1.0.0-B20230714.1105 affecting the DMZ configuration HTTP POST handler. An authenticated attacker can exploit a malformed 'submit-url' parameter in the /boafrm/formDMZ endpoint to achieve remote code execution with full system compromise (confidentiality, integrity, and availability impact). A proof-of-concept exploit has been publicly disclosed, and the vulnerability may be actively exploited in the wild.
A critical buffer overflow vulnerability exists in TOTOLINK X15 firmware version 1.0.0-B20230714.1105, affecting the HTTP POST request handler in the /boafrm/formSaveConfig endpoint. An authenticated attacker can exploit the unsanitized 'submit-url' parameter to trigger a buffer overflow, potentially achieving remote code execution with full system compromise (confidentiality, integrity, and availability impact). The vulnerability has been publicly disclosed with exploit proof-of-concept available, creating immediate real-world risk.
Critical buffer overflow vulnerability in TOTOLINK X15 router (firmware version 1.0.0-B20230714.1105) affecting the HTTP POST request handler at endpoint /boafrm/formStats. An authenticated remote attacker can exploit improper input validation on the 'submit-url' parameter to trigger a buffer overflow, achieving remote code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code is available and the vulnerability is actively exploitable.
Critical remote buffer overflow vulnerability in TOTOLINK X15 router (firmware version 1.0.0-B20230714.1105) affecting the HTTP POST request handler at endpoint /boafrm/formDosCfg. An authenticated attacker can exploit improper input validation of the 'submit-url' parameter to achieve buffer overflow, leading to complete system compromise including confidentiality, integrity, and availability breaches. A public proof-of-concept exploit exists, increasing real-world exploitation risk.
A critical buffer overflow vulnerability exists in TOTOLINK X15 firmware version 1.0.0-B20230714.1105 affecting the NTP configuration handler (/boafrm/formNtp). An authenticated attacker can remotely trigger a buffer overflow via the 'submit-url' parameter in HTTP POST requests, achieving remote code execution with high confidentiality, integrity, and availability impact. Public exploit code is available and the vulnerability meets active exploitation criteria.
Critical buffer overflow vulnerability in TOTOLINK X15 wireless router (firmware version 1.0.0-B20230714.1105) affecting the HTTP POST request handler for the /boafrm/formSetLg endpoint. An authenticated attacker can exploit the 'submit-url' parameter to trigger a buffer overflow, achieving remote code execution with full system compromise (confidentiality, integrity, and availability impact). Public exploit code has been disclosed, making this an actively exploitable vulnerability with demonstrated proof-of-concept.
Critical buffer overflow vulnerability in TOTOLINK X15 router firmware (version 1.0.0-B20230714.1105) affecting the HTTP POST request handler for the /boafrm/formWlanRedirect endpoint. An authenticated attacker can remotely exploit this vulnerability by manipulating the 'redirect-url' parameter to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability impact). The vulnerability has been publicly disclosed with exploit code available, significantly increasing real-world exploitation risk.
Critical remote buffer overflow vulnerability in TOTOLINK N302R Plus routers up to version 3.4.0-B20201028, affecting the HTTP POST request handler in the /boafrm/formFilter endpoint. An authenticated attacker can remotely exploit this vulnerability by manipulating the 'url' parameter to achieve buffer overflow, resulting in complete compromise of confidentiality, integrity, and availability (CIA triad fully compromised). The vulnerability has public exploit disclosure and represents an active real-world threat to deployed TOTOLINK router infrastructure.
A critical buffer overflow vulnerability exists in TOTOLINK N302R Plus router firmware (versions up to 3.4.0-B20201028) in the HTTP POST request handler for the /boafrm/formPortFw endpoint. An authenticated remote attacker can exploit this by manipulating the 'service_type' parameter to cause buffer overflow, achieving remote code execution with high confidentiality, integrity, and availability impact. Public exploit code is available and the vulnerability shows strong indicators of active exploitation risk.
Buffer overflow in TOTOLINK EX1200T via setLanguageCfg. EPSS 0.52%. PoC available.
Stack-based buffer overflow vulnerability in the 'conn-indicator' binary running as root on the TP-Link Archer AX50 router, in firmware versions prior to 1.0.15 build 241203 rel61480. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A stored cross-site scripting (XSS) vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 <= Build 241230 Rel. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
This vulnerability exists in TP-Link Tapo H200 V1 IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required. No vendor patch available.
A vulnerability in the TP-Link Archer c20 router with firmware version V6.6_230412 and earlier permits unauthorized individuals to bypass the authentication of some interfaces under the /cgi. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 48.8%.
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11, triggered by the dnsserver1 and dnsserver2 parameters at /userRpm/WanSlaacCfgRpm.htm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and password parameters at /userRpm/PPPoEv6CfgRpm.htm. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'gw' parameter at /userRpm/WanDynamicIpV6CfgRpm.htm. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the pskSecret parameter at /userRpm/WlanSecurityRpm.htm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'ip' parameter at /userRpm/WanStaticIpV6CfgRpm.htm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The TP-Link Archer A20 v3 router is vulnerable to Cross-site Scripting (XSS) due to improper handling of directory listing paths in the web interface. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands on the product that has. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.