Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tp-link tp-link - vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2017-8220
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow remote code execution with a single HTTP request by placing shell commands in a "host=" line within HTTP POST data.
Tp-link C2 Firmware
Tp-link C20i Firmware
1 Github repository
5.3
CVSSv3
CVE-2017-8217
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too permissive iptables rules, e.g., SNMP is not blocked on any interface.
Tp-link C2 Firmware
Tp-link C20i Firmware
6.5
CVSSv3
CVE-2017-8219
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n allow DoSing the HTTP server via a crafted Cookie header to the /cgi/ansi URI.
Tp-link C2 Firmware
Tp-link C20i Firmware
9.8
CVSSv3
CVE-2017-8218
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n has a backdoor admin account with the 1234 password, a backdoor guest account with the guest password, and a backdoor test account with the test password.
Tp-link C2 Firmware
Tp-link C20i Firmware
8.8
CVSSv3
CVE-2022-46435
An issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 up to 3.12.8 allows malicious users to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
Tp-link Tl-wr941nd V2 Firmware
Tp-link Tl-wr941nd V3 Firmware
Tp-link Tl-wr941nd V4 Firmware
7.5
CVSSv3
CVE-2020-9375
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote malicious users to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.
Tp-link Archer C50 Build 170822
Tp-link Archer C50 Build 171227
Tp-link Archer C50 Build 200318
1 Github repository
7.5
CVSSv3
CVE-2023-39745
TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm. This vulnerability allows malicious users to cause a Denial of Service (DoS) via a crafted GET request.
Tp-link Tl-wr940n V2 Firmware -
Tp-link Tl-wr941nd V5 Firmware -
Tp-link Tl-wr841n V8 Firmware -
9.8
CVSSv3
CVE-2023-39747
TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm.
Tp-link Tl-wr940n V2 Firmware -
Tp-link Tl-wr941nd V5 Firmware -
Tp-link Tl-wr841n V8 Firmware -
9.8
CVSSv3
CVE-2013-2573
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
Tp-link Tl-sc 3130g Firmware
Tp-link Tl-sc 3171g Firmware
Tp-link Tl-sc 4171g Firmware
1 EDB exploit
NA
CVE-2012-5687
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.
Tp-link Tl-wr841n -
Tp-link Tl-wr841n Firmware
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »