Skip to main content

TP-Link

440 CVEs vendor

Monthly

CVE-2022-26641 HIGH POC This Week

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow Tl Wr840N Firmware
NVD GitHub
CVSS 3.1
7.2
EPSS
1.2%
CVE-2022-26640 HIGH POC This Week

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow Tl Wr840N Firmware
NVD GitHub
CVSS 3.1
7.2
EPSS
1.2%
CVE-2022-26639 HIGH POC This Week

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow Tl Wr840N Firmware
NVD GitHub
CVSS 3.1
7.2
EPSS
1.2%
CVE-2022-25064 CRITICAL POC THREAT Emergency

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 39.8%.

Command Injection TP-Link RCE Tl Wr840N Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
39.8%
Threat
4.7
CVE-2022-25062 HIGH This Week

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

TP-Link Integer Overflow Denial Of Service Tl Wr840N Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
4.5%
CVE-2022-25061 CRITICAL POC THREAT Emergency

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 72.5%.

TP-Link Command Injection Tl Wr840N Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
72.5%
Threat
5.6
CVE-2022-25060 CRITICAL POC THREAT Emergency

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 52.4%.

Command Injection TP-Link Tl Wr840N Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
52.4%
Threat
5.0
CVE-2022-25074 CRITICAL POC THREAT Act Now

TP-Link TL-WR902AC(US)_V3_191209 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE TP-Link Buffer Overflow Tl Wr902Ac Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
13.0%
CVE-2022-25072 CRITICAL POC THREAT Act Now

TP-Link Archer A54 Archer A54(US)_V1_210111 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE TP-Link Buffer Overflow Archer A54 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
13.0%
CVE-2022-24355 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Stack Overflow TP-Link Buffer Overflow Tl Wr940n Firmware
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2022-24354 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 1.1.4 Build 20211022 rel.59103(5553) routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE TP-Link Ac1750 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2022-22922 CRITICAL POC Act Now

TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wa850Re Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2021-45608 CRITICAL POC PATCH Act Now

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Netgear RCE D-Link Integer Overflow TP-Link +4
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2021-4144 HIGH This Week

TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

TP-Link Command Injection Tl Wr802N Firmware
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2021-41451 HIGH This Week

A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

TP-Link Request Smuggling Information Disclosure Archer Ax10 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
3.2%
CVE-2021-41450 HIGH This Week

An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling TP-Link Archer Ax10 V1 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
2.3%
CVE-2021-40288 HIGH PATCH This Week

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

TP-Link Authentication Bypass Archer Ax10 Firmware
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2021-41653 CRITICAL POC THREAT Emergency

The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 77.5%.

Code Injection TP-Link RCE Tl Wr840N Firmware
NVD VulDB
CVSS 3.1
9.8
EPSS
77.5%
Threat
5.8
CVE-2021-29280 MEDIUM POC This Month

In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer overflow. Rated medium severity (CVSS 6.4). Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow Information Disclosure Tl Wr840N Firmware
NVD GitHub
CVSS 3.1
6.4
EPSS
0.8%
CVE-2021-38543 MEDIUM POC This Month

TP-Link UE330 USB splitter devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Ue330 Firmware
NVD
CVSS 3.1
5.9
EPSS
1.3%
CVE-2021-28858 MEDIUM POC This Month

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wpa4220 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2021-28857 HIGH POC This Week

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wpa4220 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2021-31659 HIGH POC This Week

TP-Link TL-SG2005, TL-SG2008, etc. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF TP-Link Tl Sg2005 Firmware Tl Sg2008 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2021-31658 HIGH POC This Week

TP-Link TL-SG2005, TL-SG2008, etc. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Denial Of Service Tl Sg2005 Firmware Tl Sg2008 Firmware
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
1.1%
CVE-2021-27246 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 1.0.15 routers. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE TP-Link Stack Overflow Ac1750 Firmware
NVD
CVSS 3.1
8.0
EPSS
6.6%
CVE-2021-26827 HIGH POC This Week

Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow TP-Link Tl Wr2041 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2021-3125 HIGH This Week

In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL-XDR6060 Turbo < 1.1.8, TL-XDR5430 < 1.0.11, and possibly others, when IPv6 is used, a routing loop can. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

TP-Link Information Disclosure Tl Xdr3230 Firmware Tl Xdr5430 Firmware Tl Xdr3250 Firmware +3
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2021-29302 HIGH POC This Week

TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE TP-Link Tl Wr802N Firmware
NVD GitHub
CVSS 3.1
8.1
EPSS
5.9%
CVE-2021-27245 HIGH This Week

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior to Archer C7(US)_V5_210125 and Archer A7(US)_V5_200220 AC1750 routers. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

TP-Link Authentication Bypass Archer A7 Firmware
NVD
CVSS 3.1
8.1
EPSS
3.2%
CVE-2021-3275 MEDIUM POC This Month

Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link XSS Td W9977 Firmware Tl Wa801Nd Firmware Tl Wa801N Firmware +2
NVD GitHub
CVSS 3.1
6.1
EPSS
1.8%
CVE-2021-27210 MEDIUM POC This Month

TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials via [USER_CFG#0,0,0,0,0,0#0,0,0,0,0,0]0,0 to the /cgi?1&5 URI. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Archer C5V Firmware
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2021-27209 HIGH POC This Week

In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a base64 format over cleartext HTTP. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Archer C5V Firmware
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2020-35575 CRITICAL POC Act Now

A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Wa901Nd Firmware Archer C5 Firmware Archer C7 Firmware +24
NVD
CVSS 3.1
9.8
EPSS
7.6%
CVE-2020-5797 MEDIUM POC This Month

UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Archer C9 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-28877 CRITICAL POC Act Now

Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow TP-Link Wdr7400 Firmware Wdr7500 Firmware Wdr7660 Firmware +12
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-28005 MEDIUM POC This Month

httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link Tl Wpa4220 Firmware
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2020-24297 HIGH POC This Week

httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection TP-Link Tl Wpa4220 Firmware
NVD
CVSS 3.1
8.8
EPSS
3.6%
CVE-2020-28347 CRITICAL POC THREAT Emergency

tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection TP-Link Ac1750 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
73.8%
CVE-2020-5795 MEDIUM POC This Month

UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated admin user, with physical access and network access, to execute arbitrary code after plugging a. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE TP-Link Archer A7 Firmware
NVD
CVSS 3.1
6.2
EPSS
1.0%
CVE-2020-24363 HIGH POC KEV THREAT This Week

TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass TP-Link Tl Wa855Re Firmware
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
20.7%
CVE-2020-15057 MEDIUM This Month

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow TP-Link Tl Ps310U Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-15056 MEDIUM This Month

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

XSS TP-Link Tl Ps310U Firmware
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2020-15055 HIGH This Week

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Tl Ps310U Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-15054 HIGH This Week

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure TP-Link Tl Ps310U Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-14965 MEDIUM This Month

On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and stations in the access-control. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS CSRF TP-Link Tl Wr740N Firmware Tl Wr740Nd Firmware
NVD GitHub
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-13224 HIGH POC This Week

TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow TP-Link Nc200 Firmware Nc210 Firmware Nc220 Firmware +4
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2020-10916 HIGH This Week

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Tl Wa855Re Firmware
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2020-12109 HIGH POC THREAT Act Now

Certain TP-Link devices allow Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection TP-Link Nc200 Firmware Nc210 Firmware Nc220 Firmware +4
NVD
CVSS 3.1
8.8
EPSS
74.3%
CVE-2020-12111 HIGH POC This Week

Certain TP-Link devices allow Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection TP-Link Nc260 Firmware Nc450 Firmware
NVD
CVSS 3.1
8.8
EPSS
8.0%
CVE-2020-12475 MEDIUM POC This Month

TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link.eap.web.portal.PortalController.getAdvertiseFile in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Path Traversal Omada Controller
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2020-12110 CRITICAL POC THREAT Act Now

Certain TP-Link devices have a Hardcoded Encryption Key. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass TP-Link Nc200 Firmware Nc210 Firmware Nc220 Firmware +4
NVD
CVSS 3.1
9.8
EPSS
14.4%
CVE-2020-8423 HIGH POC This Week

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE TP-Link Tl Wr841n Firmware
NVD
CVSS 3.1
7.2
EPSS
9.3%
CVE-2020-10231 HIGH POC This Week

TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service TP-Link Nc450 Firmware Nc260 Firmware +5
NVD
CVSS 3.1
7.5
EPSS
3.7%
CVE-2020-11445 MEDIUM This Month

TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure TP-Link Nc450 Firmware Nc260 Firmware Nc250 Firmware +12
NVD
CVSS 3.1
5.3
EPSS
1.8%
CVE-2020-10888 CRITICAL Act Now

This vulnerability allows remote attackers to bypass authentication on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Ac1750 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-10887 CRITICAL Act Now

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Ac1750 Firmware
NVD
CVSS 3.1
9.8
EPSS
4.1%
CVE-2020-10886 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection TP-Link Ac1750 Firmware
NVD
CVSS 3.1
9.8
EPSS
5.5%
CVE-2020-10885 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE TP-Link Ac1750 Firmware
NVD
CVSS 3.1
9.8
EPSS
7.2%
CVE-2020-10884 HIGH POC THREAT Act Now

This vulnerability allows network-adjacent attackers execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE TP-Link Ac1750 Firmware
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
24.7%
CVE-2020-10883 HIGH POC Act Now

This vulnerability allows local attackers to escalate privileges on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation TP-Link Ac1750 Firmware
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
5.9%
CVE-2020-10882 HIGH POC THREAT Act Now

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection TP-Link Ac1750 Firmware
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
44.7%
CVE-2020-10881 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow TP-Link Ac1750 Firmware
NVD
CVSS 3.1
9.8
EPSS
10.9%
CVE-2020-9375 HIGH POC THREAT This Week

TP-Link Archer C50 V3 devices before Build 200318 Rel. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service TP-Link Archer C50
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
28.2%
CVE-2020-9374 CRITICAL POC THREAT Act Now

On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection TP-Link Tl Wr849N Firmware
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
42.0%
CVE-2019-18993 MEDIUM PATCH This Month

OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI (this can occur, for example, on a TP-Link Archer C7 device). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

TP-Link XSS Openwrt
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2019-18992 MEDIUM PATCH This Month

OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT" (this can occur, for example,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

TP-Link XSS Openwrt
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2019-13653 CRITICAL Act Now

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

TP-Link Command Injection M7350 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2019-13652 CRITICAL POC Act Now

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection M7350 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2019-13651 CRITICAL POC Act Now

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection M7350 Firmware
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2019-13650 CRITICAL POC Act Now

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection M7350 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2019-13649 CRITICAL POC Act Now

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection M7350 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2019-13268 HIGH POC This Week

TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Archer C3200 V1 Firmware Archer C2 V1 Firmware
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2019-13267 HIGH POC This Week

TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Archer C3200 V1 Firmware Archer C2 V1 Firmware
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2019-13266 HIGH POC This Week

TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Archer C3200 V1 Firmware Archer C2 V1 Firmware
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2019-15060 HIGH POC This Week

The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link RCE Command Injection Tl Wr840N Firmware
NVD
CVSS 3.0
8.8
EPSS
4.0%
CVE-2019-12104 HIGH POC PATCH This Week

The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by several post-authentication command injection vulnerabilities. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

TP-Link Command Injection M7350 Firmware
NVD
CVSS 3.0
8.8
EPSS
4.7%
CVE-2019-12103 CRITICAL PATCH Act Now

The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

TP-Link Command Injection M7350 Firmware
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2019-13614 CRITICAL POC Act Now

CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow TP-Link RCE Memory Corruption +1
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2019-13613 CRITICAL POC Act Now

CMD_FTEST_CONFIG in the TP-Link Device Debug protocol in TP-Link Wireless Router Archer Router version 1.0.0 Build 20180502 rel.45702 (EU) and earlier is prone to a stack-based buffer overflow, which. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow TP-Link RCE Memory Corruption +1
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2019-6972 HIGH POC This Week

An issue was discovered on TP-Link TL-WR1043ND V2 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wr1043Nd Firmware
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2019-6971 CRITICAL POC THREAT Act Now

An issue was discovered on TP-Link TL-WR1043ND V2 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wr1043Nd Firmware
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
13.7%
CVE-2019-6989 HIGH POC THREAT This Week

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow RCE Memory Corruption Tl Wr940n Firmware +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
11.6%
CVE-2019-12195 MEDIUM POC This Month

TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

TP-Link XSS Tl Wr840N Firmware
NVD Exploit-DB
CVSS 3.0
4.8
EPSS
1.8%
CVE-2019-6487 HIGH POC This Week

TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link RCE Command Injection Tl Wdr5620 Firmware Tl Wdr3500 Firmware +3
NVD GitHub
CVSS 3.0
8.8
EPSS
8.5%
CVE-2018-20372 MEDIUM POC This Month

TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS TP-Link Td W8961Nd Firmware
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-3951 HIGH POC This Week

An exploitable remote code execution vulnerability exists in the HTTP header-parsing function of the TP-Link TL-R600VPN HTTP Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow TP-Link Tl R600Vpn Firmware
NVD
CVSS 3.1
7.2
EPSS
3.9%
CVE-2018-3950 HIGH POC This Week

An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow TP-Link Tl R600Vpn Firmware
NVD
CVSS 3.1
8.8
EPSS
2.9%
CVE-2018-3949 HIGH POC THREAT This Week

An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Path Traversal Tl R600Vpn Firmware
NVD
CVSS 3.1
7.5
EPSS
53.3%
CVE-2018-3948 HIGH POC THREAT This Week

An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Tl R600Vpn Firmware
NVD
CVSS 3.1
7.5
EPSS
23.1%
CVE-2018-19537 HIGH POC This Week

TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload TP-Link Archer C5 Firmware
NVD GitHub
CVSS 3.0
7.2
EPSS
6.0%
EPSS 1% CVSS 7.2
HIGH POC This Week

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow Tl Wr840N Firmware
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow Tl Wr840N Firmware
NVD GitHub
EPSS 1% CVSS 7.2
HIGH POC This Week

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow Tl Wr840N Firmware
NVD GitHub
EPSS 40% 4.7 CVSS 9.8
CRITICAL POC THREAT Emergency

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 39.8%.

Command Injection TP-Link RCE +1
NVD VulDB
EPSS 4% CVSS 7.5
HIGH This Week

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

TP-Link Integer Overflow Denial Of Service +1
NVD VulDB
EPSS 72% 5.6 CVSS 9.8
CRITICAL POC THREAT Emergency

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 72.5%.

TP-Link Command Injection Tl Wr840N Firmware
NVD VulDB
EPSS 52% 5.0 CVSS 9.8
CRITICAL POC THREAT Emergency

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 52.4%.

Command Injection TP-Link Tl Wr840N Firmware
NVD VulDB
EPSS 13% CVSS 9.8
CRITICAL POC THREAT Act Now

TP-Link TL-WR902AC(US)_V3_191209 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE TP-Link +2
NVD GitHub
EPSS 13% CVSS 9.8
CRITICAL POC THREAT Act Now

TP-Link Archer A54 Archer A54(US)_V1_210111 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE TP-Link +2
NVD GitHub
EPSS 2% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Stack Overflow TP-Link +2
NVD
EPSS 2% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 1.1.4 Build 20211022 rel.59103(5553) routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE TP-Link +1
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wa850Re Firmware
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC PATCH Act Now

Certain D-Link, Edimax, NETGEAR, TP-Link, Tenda, and Western Digital devices are affected by an integer overflow by an unauthenticated attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Netgear RCE D-Link +6
NVD
EPSS 2% CVSS 8.8
HIGH This Week

TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS command injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

TP-Link Command Injection Tl Wr802N Firmware
NVD
EPSS 3% CVSS 7.5
HIGH This Week

A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

TP-Link Request Smuggling Information Disclosure +1
NVD VulDB
EPSS 2% CVSS 7.5
HIGH This Week

An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Request Smuggling TP-Link +1
NVD VulDB
EPSS 3% CVSS 7.5
HIGH PATCH This Week

A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

TP-Link Authentication Bypass Archer Ax10 Firmware
NVD
EPSS 77% 5.8 CVSS 9.8
CRITICAL POC THREAT Emergency

The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 77.5%.

Code Injection TP-Link RCE +1
NVD VulDB
EPSS 1% CVSS 6.4
MEDIUM POC This Month

In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer overflow. Rated medium severity (CVSS 6.4). Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM POC This Month

TP-Link UE330 USB splitter devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Ue330 Firmware
NVD
EPSS 0% CVSS 5.5
MEDIUM POC This Month

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wpa4220 Firmware
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wpa4220 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

TP-Link TL-SG2005, TL-SG2008, etc. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF TP-Link Tl Sg2005 Firmware +1
NVD GitHub VulDB
EPSS 1% CVSS 8.1
HIGH POC This Week

TP-Link TL-SG2005, TL-SG2008, etc. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Denial Of Service Tl Sg2005 Firmware +1
NVD GitHub VulDB
EPSS 7% CVSS 8.0
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 1.0.15 routers. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE TP-Link +2
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow TP-Link Tl Wr2041 Firmware
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL-XDR6060 Turbo < 1.1.8, TL-XDR5430 < 1.0.11, and possibly others, when IPv6 is used, a routing loop can. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

TP-Link Information Disclosure Tl Xdr3230 Firmware +5
NVD
EPSS 6% CVSS 8.1
HIGH POC This Week

TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow RCE TP-Link +1
NVD GitHub
EPSS 3% CVSS 8.1
HIGH This Week

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior to Archer C7(US)_V5_210125 and Archer A7(US)_V5_200220 AC1750 routers. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

TP-Link Authentication Bypass Archer A7 Firmware
NVD
EPSS 2% CVSS 6.1
MEDIUM POC This Month

Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link XSS Td W9977 Firmware +4
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials via [USER_CFG#0,0,0,0,0,0#0,0,0,0,0,0]0,0 to the /cgi?1&5 URI. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Archer C5V Firmware
NVD
EPSS 0% CVSS 7.1
HIGH POC This Week

In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a base64 format over cleartext HTTP. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Archer C5V Firmware
NVD
EPSS 8% CVSS 9.8
CRITICAL POC Act Now

A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Wa901Nd Firmware +26
NVD
EPSS 1% CVSS 6.1
MEDIUM POC This Month

UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Archer C9 Firmware
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow TP-Link Wdr7400 Firmware +14
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM POC This Month

httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link +1
NVD
EPSS 4% CVSS 8.8
HIGH POC This Week

httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection TP-Link Tl Wpa4220 Firmware
NVD
EPSS 74% CVSS 9.8
CRITICAL POC THREAT Emergency

tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection TP-Link +1
NVD GitHub
EPSS 1% CVSS 6.2
MEDIUM POC This Month

UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated admin user, with physical access and network access, to execute arbitrary code after plugging a. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE TP-Link Archer A7 Firmware
NVD
EPSS 21% CVSS 8.8
HIGH POC KEV THREAT This Week

TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass TP-Link Tl Wa855Re Firmware
NVD Exploit-DB
EPSS 0% CVSS 6.5
MEDIUM This Month

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow TP-Link Tl Ps310U Firmware
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

XSS TP-Link Tl Ps310U Firmware
NVD
EPSS 1% CVSS 8.8
HIGH This Week

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Tl Ps310U Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure TP-Link Tl Ps310U Firmware
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and stations in the access-control. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS CSRF TP-Link +2
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC This Week

TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow TP-Link Nc200 Firmware +6
NVD
EPSS 1% CVSS 8.0
HIGH This Week

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Tl Wa855Re Firmware
NVD
EPSS 74% CVSS 8.8
HIGH POC THREAT Act Now

Certain TP-Link devices allow Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection TP-Link Nc200 Firmware +6
NVD
EPSS 8% CVSS 8.8
HIGH POC This Week

Certain TP-Link devices allow Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection TP-Link Nc260 Firmware +1
NVD
EPSS 1% CVSS 5.5
MEDIUM POC This Month

TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link.eap.web.portal.PortalController.getAdvertiseFile in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Path Traversal Omada Controller
NVD
EPSS 14% CVSS 9.8
CRITICAL POC THREAT Act Now

Certain TP-Link devices have a Hardcoded Encryption Key. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass TP-Link Nc200 Firmware +6
NVD
EPSS 9% CVSS 7.2
HIGH POC This Week

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE TP-Link +1
NVD
EPSS 4% CVSS 7.5
HIGH POC This Week

TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service TP-Link +7
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

TP-Link cloud cameras through 2020-02-09 allow remote attackers to bypass authentication and obtain sensitive information via vectors involving a Wi-Fi session with GPS enabled, aka CNVD-2020-04855. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure TP-Link Nc450 Firmware +14
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

This vulnerability allows remote attackers to bypass authentication on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Ac1750 Firmware
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Ac1750 Firmware
NVD
EPSS 6% CVSS 9.8
CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection TP-Link +1
NVD
EPSS 7% CVSS 9.8
CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE TP-Link Ac1750 Firmware
NVD
EPSS 25% CVSS 8.8
HIGH POC THREAT Act Now

This vulnerability allows network-adjacent attackers execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE TP-Link Ac1750 Firmware
NVD Exploit-DB
EPSS 6% CVSS 7.8
HIGH POC Act Now

This vulnerability allows local attackers to escalate privileges on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation TP-Link Ac1750 Firmware
NVD Exploit-DB
EPSS 45% CVSS 8.8
HIGH POC THREAT Act Now

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection TP-Link +1
NVD Exploit-DB
EPSS 11% CVSS 9.8
CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 28% CVSS 7.5
HIGH POC THREAT This Week

TP-Link Archer C50 V3 devices before Build 200318 Rel. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service TP-Link Archer C50
NVD Exploit-DB
EPSS 42% CVSS 9.8
CRITICAL POC THREAT Act Now

On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection TP-Link Tl Wr849N Firmware
NVD GitHub Exploit-DB
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to the cgi-bin/luci/admin/network/firewall/forwards URI (this can occur, for example, on a TP-Link Archer C7 device). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

TP-Link XSS Openwrt
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/admin/network/firewall/rules URI: "Open ports on router" and "New forward rule" and "New Source NAT" (this can occur, for example,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

TP-Link XSS Openwrt
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

TP-Link Command Injection M7350 Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection M7350 Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection M7350 Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection M7350 Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection M7350 Firmware
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Archer C3200 V1 Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Archer C3200 V1 Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Archer C3200 V1 Firmware +1
NVD
EPSS 4% CVSS 8.8
HIGH POC This Week

The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link RCE Command Injection +1
NVD
EPSS 5% CVSS 8.8
HIGH POC PATCH This Week

The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by several post-authentication command injection vulnerabilities. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

TP-Link Command Injection M7350 Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

TP-Link Command Injection M7350 Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow TP-Link +3
NVD
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

CMD_FTEST_CONFIG in the TP-Link Device Debug protocol in TP-Link Wireless Router Archer Router version 1.0.0 Build 20180502 rel.45702 (EU) and earlier is prone to a stack-based buffer overflow, which. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow TP-Link +3
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

An issue was discovered on TP-Link TL-WR1043ND V2 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wr1043Nd Firmware
NVD GitHub
EPSS 14% CVSS 9.8
CRITICAL POC THREAT Act Now

An issue was discovered on TP-Link TL-WR1043ND V2 devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Information Disclosure Tl Wr1043Nd Firmware
NVD GitHub Exploit-DB
EPSS 12% CVSS 8.8
HIGH POC THREAT This Week

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow RCE +3
NVD Exploit-DB
EPSS 2% CVSS 4.8
MEDIUM POC This Month

TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

TP-Link XSS Tl Wr840N Firmware
NVD Exploit-DB
EPSS 9% CVSS 8.8
HIGH POC This Week

TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link RCE Command Injection +5
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS TP-Link Td W8961Nd Firmware
NVD
EPSS 4% CVSS 7.2
HIGH POC This Week

An exploitable remote code execution vulnerability exists in the HTTP header-parsing function of the TP-Link TL-R600VPN HTTP Server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow TP-Link +1
NVD
EPSS 3% CVSS 8.8
HIGH POC This Week

An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow +2
NVD
EPSS 53% CVSS 7.5
HIGH POC THREAT This Week

An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Path Traversal +1
NVD
EPSS 23% CVSS 7.5
HIGH POC THREAT This Week

An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Tl R600Vpn Firmware
NVD
EPSS 6% CVSS 7.2
HIGH POC This Week

TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload TP-Link Archer C5 Firmware
NVD GitHub
Prev Page 4 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy