Filtered by vendor Tp-link
Subscriptions
Total
348 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-6971 | 1 Tp-link | 2 Tl-wr1043nd, Tl-wr1043nd Firmware | 2020-08-24 | N/A |
| An issue was discovered on TP-Link TL-WR1043ND V2 devices. An attacker can send a cookie in an HTTP authentication packet to the router management web interface, and fully control the router without knowledge of the credentials. | ||||
| CVE-2019-15060 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2020-08-24 | N/A |
| The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field. | ||||
| CVE-2019-13614 | 1 Tp-link | 2 Archer C1200, Archer C1200 Firmware | 2020-08-24 | N/A |
| CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | ||||
| CVE-2019-13613 | 1 Tp-link | 2 Archer C1200, Archer C1200 Firmware | 2020-08-24 | N/A |
| CMD_FTEST_CONFIG in the TP-Link Device Debug protocol in TP-Link Wireless Router Archer Router version 1.0.0 Build 20180502 rel.45702 (EU) and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | ||||
| CVE-2019-13267 | 1 Tp-link | 4 Archer C2 V1, Archer C2 V1 Firmware, Archer C3200 V1 and 1 more | 2020-08-24 | N/A |
| TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. In order to transfer data from the host network to the guest network, the sender joins and then leaves an IGMP group. After it leaves, the router (following the IGMP protocol) creates an IGMP Membership Query packet with the Group IP and sends it to both the Host and the Guest networks. The data is transferred within the Group IP field, which is completely controlled by the sender. | ||||
| CVE-2019-13266 | 1 Tp-link | 4 Archer C2 V1, Archer C2 V1 Firmware, Archer C3200 V1 and 1 more | 2020-08-24 | N/A |
| TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router with a certain Transaction ID field. Following the DHCP protocol, the router responds with an ACK or NAK message. Studying the NAK case revealed that the router erroneously sends the NAK to both Host and Guest networks with the same Transaction ID as found in the DHCP Request. This allows encoding of data to be sent cross-router into the 32-bit Transaction ID field. | ||||
| CVE-2018-12577 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2020-08-24 | N/A |
| The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection. | ||||
| CVE-2018-18489 | 1 Tp-link | 2 Wr840n, Wr840n Firmware | 2020-08-24 | N/A |
| The ping feature in the Diagnostic functionality on TP-LINK WR840N v2 Firmware 3.16.9 Build 150701 Rel.51516n devices allows remote attackers to cause a denial of service (HTTP service termination) by modifying the packet size to be higher than the UI limit of 1472. | ||||
| CVE-2018-16119 | 1 Tp-link | 2 Tl-wr1043nd, Tl-wr1043nd Firmware | 2020-08-24 | N/A |
| Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm. | ||||
| CVE-2020-15056 | 1 Tp-link | 2 Tl-ps310u, Tl-ps310u Firmware | 2020-08-09 | 4.3 Medium |
| TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name. | ||||
| CVE-2020-15055 | 1 Tp-link | 2 Tl-ps310u, Tl-ps310u Firmware | 2020-08-09 | 8.8 High |
| TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. | ||||
| CVE-2012-5687 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2020-07-13 | N/A |
| Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI. | ||||
| CVE-2020-13224 | 1 Tp-link | 14 Nc200, Nc200 Firmware, Nc210 and 11 more | 2020-06-24 | 8.8 High |
| TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow | ||||
| CVE-2020-10916 | 1 Tp-link | 2 Tl-wa855re, Tl-wa855re Firmware | 2020-05-14 | 8.0 High |
| This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the first-time setup process. The issue results from the lack of proper validation on first-time setup requests. An attacker can leverage this vulnerability to reset the password for the Admin account and execute code in the context of the device. Was ZDI-CAN-10003. | ||||
| CVE-2020-12110 | 1 Tp-link | 14 Nc200, Nc200 Firmware, Nc210 and 11 more | 2020-05-12 | 9.8 Critical |
| Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304. | ||||
| CVE-2020-12111 | 1 Tp-link | 4 Nc260, Nc260 Firmware, Nc450 and 1 more | 2020-05-12 | 8.8 High |
| Certain TP-Link devices allow Command Injection. This affects NC260 1.5.2 build 200304 and NC450 1.5.3 build 200304. | ||||
| CVE-2020-10231 | 1 Tp-link | 14 Nc200, Nc200 Firmware, Nc210 and 11 more | 2020-05-12 | 7.5 High |
| TP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference. | ||||
| CVE-2020-12475 | 1 Tp-link | 1 Omada Controller | 2020-05-08 | 5.5 Medium |
| TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar. | ||||
| CVE-2020-8423 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2020-04-06 | 7.2 High |
| A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network. | ||||
| CVE-2020-10886 | 1 Tp-link | 2 Ac1750, Ac1750 Firmware | 2020-04-01 | 9.8 Critical |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tmpServer service, which listens on TCP port 20002. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9662. | ||||