Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.8
CVSSv3

CVE-2020-14965

Published: 23/06/2020 Updated: 21/07/2021
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 4.8 | Impact Score: 2.7 | Exploitability Score: 1.7
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Tl-wr740n Firmware

Vulnerability Summary

On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and stations in the access-control settings via targets_lists_name or hosts_lists_name. The vulnerability can also be exploited through a CSRF, requiring no authentication as an administrator.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tp-link tl-wr740n_firmware -

tp-link tl-wr740nd_firmware -

Github Repositories

https://github.com/g-rubert/CVE-2020-14965

TP-LINK Multiple HTML Injection Vulnerabilities

CVE-2020-14965 ██╗ ██╗████████╗███╗ ███╗██╗ ██╗███╗ ██╗ ██╗███████╗ ██████╗████████╗██╗ ██████╗ ███╗ ██╗ ██║ ██║╚══██╔══╝████╗ ████║██║

References

CWE-79https://github.com/g-rubert/CVE-2020-14965https://nvd.nist.govhttps://github.com/g-rubert/CVE-2020-14965
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook