Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tp-link tp-link - vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2024-21821
Multiple TP-LINK products allow a network-adjacent authenticated malicious user to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115", Archer AX5400 firmware vers...
Tp-link Archer Ax3000 Firmware
Tp-link Archer Ax5400 Firmware
Tp-link Archer Axe75 Firmware
8.1
CVSSv3
CVE-2023-33536
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 exists to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm.
Tp-link Tl-wr940n Firmware -
Tp-link Tl-wr841n Firmware -
Tp-link Tl-wr740n Firmware -
8.8
CVSSv3
CVE-2023-33538
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 exists to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .
Tp-link Tl-wr940n Firmware -
Tp-link Tl-wr841n Firmware -
Tp-link Tl-wr740n Firmware -
8.1
CVSSv3
CVE-2023-33537
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 exists to contain a buffer overflow via the component /userRpm/FixMapCfgRpm.
Tp-link Tl-wr940n Firmware -
Tp-link Tl-wr841n Firmware -
Tp-link Tl-wr740n Firmware -
7.5
CVSSv3
CVE-2022-32058
An infinite loop in the function httpRpmPass of TP-Link TL-WR741N/TL-WR742N V1/V2/V3_130415 allows malicious users to cause a Denial of Service (DoS) via a crafted packet.
Tp-link Tl-wr741n Firmware -
Tp-link Tl-wr742n Firmware -
Tp-link Tl-wr741n Firmware V3 130415
Tp-link Tl-wr742n Firmware V3 130415
1 Github repository
7.5
CVSSv3
CVE-2013-2572
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
Tp-link Tl-sc 3130 Firmware
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
4.8
CVSSv3
CVE-2022-46430
TP-Link TL-WR740N V1 and V2 v3.12.4 and previous versions allows authenticated malicious users to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.
Tp-link Tl-wr740n V1 Firmware
Tp-link Tl-wr740n V2 Firmware
Tp-link Tl-wr741nd V1 Firmware
Tp-link Tl-wr741nd V2 Firmware
8.8
CVSSv3
CVE-2018-11481
TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices allow authenticated remote code execution via crafted JSON data because /usr/lib/lua/luci/torchlight/validator.lua does not block various punctuation characters.
Tp-link Ipc Tl-ipc223(p)-6 Firmware
Tp-link Tl-ipc323k-d Firmware
Tp-link Tl-ipc325(kp) Firmware
Tp-link Tl-ipc40a-4 Firmware
9.8
CVSSv3
CVE-2018-11482
/usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices has a hardcoded zMiVw8Kw0oxKXL0 password.
Tp-link Ipc Tl-ipc223(p)-6 Firmware
Tp-link Tl-ipc323k-d Firmware
Tp-link Tl-ipc325(kp) Firmware
Tp-link Tl-ipc40a-4 Firmware
8.8
CVSSv3
CVE-2022-46910
An issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up to v3.12.16 allows malicious users to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
Tp-link Tl-wa901n Firmware
Tp-link Tl-wa901nd V1 Firmware
Tp-link Tl-wa901nd V2 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »