Vulnerabilities (CVE)

Filtered by vendor Tp-link Subscribe
Filtered by product Tl-wpa4220 Firmware
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-28858 1 Tp-link 2 Tl-wpa4220, Tl-wpa4220 Firmware 2024-11-21 2.1 LOW 5.5 MEDIUM
TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.
CVE-2021-28857 1 Tp-link 2 Tl-wpa4220, Tl-wpa4220 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie.
CVE-2020-28005 1 Tp-link 2 Tl-wpa4220, Tl-wpa4220 Firmware 2024-11-21 3.5 LOW 6.5 MEDIUM
httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023
CVE-2020-24297 1 Tp-link 2 Tl-wpa4220, Tl-wpa4220 Firmware 2024-11-21 9.0 HIGH 8.8 HIGH
httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Fixed version: TL-WPA4220(EU)_V4_201023