Filtered by vendor Tp-link
Subscribe
Total
351 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2646 | 1 Tp-link | 2 Tl-wr1043nd, Tl-wr1043nd Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability. | |||||
| CVE-2019-13653 | 1 Tp-link | 2 M7350, M7350 Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5). | |||||
| CVE-2019-16893 | 1 Tp-link | 2 Tp-sg105e, Tp-sg105e Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request. | |||||
| CVE-2019-13650 | 1 Tp-link | 2 M7350, M7350 Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5). | |||||
| CVE-2013-4848 | 1 Tp-link | 2 Tl-wdr4300, Tl-wdr4300 Firmware | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
| TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities. | |||||
| CVE-2013-2572 | 1 Tp-link | 8 Tl-sc 3130, Tl-sc 3130 Firmware, Tl-sc 3130g and 5 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files. | |||||
| CVE-2019-13652 | 1 Tp-link | 2 M7350, M7350 Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5). | |||||
| CVE-2019-13651 | 1 Tp-link | 2 M7350, M7350 Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5). | |||||
| CVE-2019-13649 | 1 Tp-link | 2 M7350, M7350 Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
| TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5). | |||||
| CVE-2019-19143 | 1 Tp-link | 2 Tl-wr849n, Tl-wr849n Firmware | 2024-02-28 | 4.1 MEDIUM | 6.1 MEDIUM |
| TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI. | |||||
| CVE-2019-17147 | 1 Tp-link | 2 Tl-wr841n, Tl-wr841n Firmware | 2024-02-28 | 9.3 HIGH | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457. | |||||