Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tp-link vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-36359
TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted GET request.
Tp-link Tl-wr940n Firmware -
Tp-link Tl-wr841n Firmware -
Tp-link Tl-wr941nd Firmware -
8.8
CVSSv3
CVE-2023-36489
Multiple TP-LINK products allow a network-adjacent unauthenticated malicious user to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-W...
Tp-link Tl-wr902ac Firmware
Tp-link Tl-wr802n Firmware
Tp-link Tl-wr841n Firmware
8.8
CVSSv3
CVE-2022-46910
An issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up to v3.12.16 allows malicious users to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
Tp-link Tl-wa901n Firmware
Tp-link Tl-wa901nd V1 Firmware
Tp-link Tl-wa901nd V2 Firmware
NA
CVE-2014-9350
TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote malicious users to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
Tp-link Tl-wr740n Firmware 3.16.6
Tp-link Tl-wr740n Firmware 3.16.4
Tp-link Tl-wr740n Firmware 3.17.0
Tp-link Tl-wr740n 4
1 EDB exploit
8.8
CVSSv3
CVE-2023-32619
Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated malicious user ...
Tp-link Archer C55 Firmware
Tp-link Archer C50 V3 Firmware
8.8
CVSSv3
CVE-2019-13268
TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. They forward ARP requests, which are sent as broadcast packets, between the host and the guest networks. To ...
Tp-link Archer C3200 V1 Firmware -
Tp-link Archer C2 V1 Firmware -
9.8
CVSSv3
CVE-2017-8218
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password.
Tp-link C2 Firmware
Tp-link C20i Firmware
6.5
CVSSv3
CVE-2017-8219
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow DoSing the HTTP server via a crafted Cookie header to the /cgi/ansi URI.
Tp-link C2 Firmware
Tp-link C20i Firmware
9.9
CVSSv3
CVE-2017-8220
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data.
Tp-link C2 Firmware
Tp-link C20i Firmware
1 Github repository
8.8
CVSSv3
CVE-2019-13266
TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router with a certain Transaction ID field. Following the DHCP protocol, the r...
Tp-link Archer C3200 V1 Firmware -
Tp-link Archer C2 V1 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »