Filtered by vendor Tp-link
Subscribe
Total
424 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-27359 | 1 Tp-link | 2 Archer Ax21, Archer Ax21 Firmware | 2025-08-06 | N/A | 8.1 HIGH |
| TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability. This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling that allows an attacker access to resources that should be available to the LAN interface only. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the root user. . Was ZDI-CAN-19664. | |||||
| CVE-2024-5242 | 1 Tp-link | 2 Omada Er605, Omada Er605 Firmware | 2025-08-06 | N/A | 7.5 HIGH |
| TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the handling of DDNS error codes. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22522. | |||||
| CVE-2024-5228 | 1 Tp-link | 2 Omada Er605, Omada Er605 Firmware | 2025-08-06 | N/A | 7.5 HIGH |
| TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the handling of DNS responses. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22383. | |||||
| CVE-2024-5227 | 1 Tp-link | 2 Omada Er605, Omada Er605 Firmware | 2025-08-06 | N/A | 7.5 HIGH |
| TP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are only vulnerable if configured to use a PPTP VPN with LDAP authentication. The specific flaw exists within the handling of the username parameter provided to the /usr/bin/pppd endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22446. | |||||
| CVE-2025-53712 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2025-08-01 | N/A | 7.5 HIGH |
| A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm_AP.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-53713 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2025-08-01 | N/A | 7.5 HIGH |
| A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm_APC.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-53714 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2025-08-01 | N/A | 7.5 HIGH |
| A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WzdWlanSiteSurveyRpm_AP.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-53715 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2025-08-01 | N/A | 7.5 HIGH |
| A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/Wan6to4TunnelCfgRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-53711 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2025-08-01 | N/A | 7.5 HIGH |
| A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-0730 | 1 Tp-link | 2 Tl-sg108e, Tl-sg108e Firmware | 2025-07-16 | 2.6 LOW | 3.7 LOW |
| A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usr_account_set.cgi of the component HTTP GET Request Handler. The manipulation of the argument username/password leads to use of get request method with sensitive query strings. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.0 Build 20250124 Rel. 54920(Beta) is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early. They reacted very professional and provided a pre-fix version for their customers. | |||||
| CVE-2025-6151 | 1 Tp-link | 2 Tl-wr940n, Tl-wr940n Firmware | 2025-07-15 | N/A | N/A |
| A vulnerability has been found in TP-Link TL-WR940N V4 and TL-WR841N V11. Affected by this issue is some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm, which may lead to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2024-9284 | 1 Tp-link | 2 Tl-wr841nd, Tl-wr841nd Firmware | 2025-07-15 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-46313 | 1 Tp-link | 2 Wr941nd, Wr941nd Firmware | 2025-07-09 | N/A | 8.0 HIGH |
| TP-Link WR941ND V6 has a stack overflow vulnerability in the ssid parameter in /userRpm/popupSiteSurveyRpm.htm. | |||||
| CVE-2025-25427 | 1 Tp-link | 2 Wr841n, Wr841n Firmware | 2025-07-09 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 <= Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload when the upnp page is loaded. | |||||
| CVE-2024-42815 | 1 Tp-link | 2 Re365, Re365 Firmware | 2025-07-09 | N/A | 9.8 CRITICAL |
| In the TP-Link RE365 V1_180213, there is a buffer overflow vulnerability due to the lack of length verification for the USER_AGENT field in /usr/bin/httpd. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. | |||||
| CVE-2024-57357 | 1 Tp-link | 2 Tl-wpa8630, Tl-wpa8630 Firmware | 2025-07-03 | N/A | 8.0 HIGH |
| An issue in TPLINK TL-WPA 8630 TL-WPA8630(US)_V2_2.0.4 Build 20230427 allows a remote attacker to execute arbitrary code via function sub_4256CC, which allows command injection by injecting 'devpwd'. | |||||
| CVE-2024-50699 | 1 Tp-link | 2 Tl-wr845n, Tl-wr845n Firmware | 2025-07-02 | N/A | 8.0 HIGH |
| TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contain weak default credentials for the Administrator account. | |||||
| CVE-2025-5875 | 1 Tp-link | 2 Tl-ipc544ep-w4, Tl-ipc544ep-w4 Firmware | 2025-06-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n. Affected is the function sub_69064 of the file /bin/main. The manipulation of the argument text leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-46340 | 1 Tp-link | 2 Tl-wr845n, Tl-wr845n Firmware | 2025-06-20 | N/A | 9.8 CRITICAL |
| TL-WR845N(UN)_V4_201214, TP-Link TL-WR845N(UN)_V4_200909, and TL-WR845N(UN)_V4_190219 was discovered to transmit user credentials in plaintext after executing a factory reset. | |||||
| CVE-2024-46341 | 1 Tp-link | 2 Tl-wr845n, Tl-wr845n Firmware | 2025-06-20 | N/A | 8.0 HIGH |
| TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack. | |||||