Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tp-link vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-49074
A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of network requests can lead to reset to factory settings. An attacker can send a sequence of u...
NA
CVE-2024-1180
TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of TP-Link Omada ER605. Authentication is required to exploit this vulnerabilit...
NA
CVE-2024-1179
TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent malicious users to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required...
1 Github repository
NA
CVE-2023-6437
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TP-Link TP-Link EX20v AX1800, Tp-Link Archer C5v AC1200, Tp-Link TD-W9970, Tp-Link TD-W9970v3, TP-Link VX220-G2u, TP-Link VN020-G2u allows authenticated OS Comman...
NA
CVE-2024-25139
In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary that runs at the root level. T...
1 Github repository
NA
CVE-2023-43318
TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows malicious users to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests.
Tp-link Tl-sg2210p Firmware 5.0
1 Github repository
NA
CVE-2024-2188
Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated malicious user to create a port mapping rule via a SOAP request and store a malicious JavaScript payload withi...
NA
CVE-2023-46683
A post authentication command injection vulnerability exists when configuring the wireguard VPN functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection . An attacker can make...
Tp-link Er7206 Firmware 1.3.0
NA
CVE-2023-36498
A post-authentication command injection vulnerability exists in the PPTP client functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated...
Tp-link Er7206 Firmware 1.3.0
NA
CVE-2023-43482
A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to ...
Tp-link Er7206 Firmware 1.3.0
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »