Filtered by vendor Tp-link
Subscribe
Total
348 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-46536 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function chkRegVeriRegister. | |||||
CVE-2023-30383 | 1 Tp-link | 6 Archer C20, Archer C20 Firmware, Archer C2 V1 and 3 more | 2023-12-10 | N/A | 7.5 HIGH |
TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data. | |||||
CVE-2023-46535 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function getResetVeriRegister. | |||||
CVE-2023-40357 | 1 Tp-link | 8 Archer A10, Archer A10 Firmware, Archer Ax10 and 5 more | 2023-12-10 | N/A | 8.0 HIGH |
Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX50 firmware versions prior to 'Archer AX50(JP)_V1_230529', Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504', Archer AX10 firmware versions prior to 'Archer AX10(JP)_V1.2_230508', and Archer AX11000 firmware versions prior to 'Archer AX11000(JP)_V1_230523'. | |||||
CVE-2023-39747 | 1 Tp-link | 6 Tl-wr841n V8, Tl-wr841n V8 Firmware, Tl-wr940n V2 and 3 more | 2023-12-10 | N/A | 9.8 CRITICAL |
TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm. | |||||
CVE-2023-31710 | 1 Tp-link | 2 Archer Ax21, Archer Ax21 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and AX21(US)_V3.6_1.1.4 Build 20230219 are vulnerable to Buffer Overflow. | |||||
CVE-2023-38588 | 1 Tp-link | 2 Archer C3150, Archer C3150 Firmware | 2023-12-10 | N/A | 8.0 HIGH |
Archer C3150 firmware versions prior to 'Archer C3150(JP)_V2_230511' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | |||||
CVE-2023-46526 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function resetCloudPwdRegister. | |||||
CVE-2023-39748 | 1 Tp-link | 2 Tl-wr1041n V2, Tl-wr1041n V2 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
An issue in the component /userRpm/NetworkCfgRpm of TP-Link TL-WR1041N V2 allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
CVE-2023-46371 | 1 Tp-link | 2 Tl-wdr7660, Tl-wdr7660 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TP-Link device TL-WDR7660 2.0.30 has a stack overflow vulnerability via the function upgradeInfoJsonToBin. | |||||
CVE-2023-39745 | 1 Tp-link | 6 Tl-wr841n V8, Tl-wr841n V8 Firmware, Tl-wr940n V2 and 3 more | 2023-12-10 | N/A | 7.5 HIGH |
TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | |||||
CVE-2023-31188 | 1 Tp-link | 4 Archer C50 V3, Archer C50 V3 Firmware, Archer C55 and 1 more | 2023-12-10 | N/A | 8.0 HIGH |
Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505', Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506', and Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616'. | |||||
CVE-2023-37284 | 1 Tp-link | 2 Archer C20, Archer C20 Firmware | 2023-12-10 | N/A | 8.8 HIGH |
Improper authentication vulnerability in Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616' allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command via a crafted request to bypass authentication. | |||||
CVE-2023-46373 | 1 Tp-link | 2 Tl-wdr7660, Tl-wdr7660 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TP-Link TL-WDR7660 2.0.30 has a stack overflow vulnerability via the function deviceInfoJsonToBincauses. | |||||
CVE-2023-46539 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function registerRequestHandle. | |||||
CVE-2023-40531 | 1 Tp-link | 2 Archer Ax6000, Archer Ax6000 Firmware | 2023-12-10 | N/A | 8.0 HIGH |
Archer AX6000 firmware versions prior to 'Archer AX6000(JP)_V1_1.3.0 Build 20221208' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | |||||
CVE-2023-43135 | 1 Tp-link | 2 Tl-er5120g, Tl-er5120g Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
There is an unauthorized access vulnerability in TP-LINK ER5120G 4.0 2.0.0 Build 210817 Rel.80868n, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management. | |||||
CVE-2023-46538 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function chkResetVeriRegister. | |||||
CVE-2023-46520 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function uninstallPluginReqHandle. | |||||
CVE-2023-43138 | 1 Tp-link | 2 Tl-er5120g, Tl-er5120g Firmware | 2023-12-10 | N/A | 8.8 HIGH |
TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point. |