Vulnerabilities (CVE)

Filtered by vendor Tp-link Subscribe
Filtered by product Tl-wr802n
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-36489 1 Tp-link 6 Tl-wr802n, Tl-wr802n Firmware, Tl-wr841n and 3 more 2024-02-28 N/A 8.8 HIGH
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.
CVE-2021-4144 1 Tp-link 2 Tl-wr802n, Tl-wr802n Firmware 2024-02-28 6.5 MEDIUM 8.8 HIGH
TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS command injection.
CVE-2021-29302 1 Tp-link 2 Tl-wr802n, Tl-wr802n Firmware 2024-02-28 9.3 HIGH 8.1 HIGH
TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. The attack vector is: The attacker can get shell of the router by sending a message through the network, which may lead to remote code execution.
CVE-2021-3275 1 Tp-link 10 Archer-c3150, Archer-c3150 Firmware, Td-w9977 and 7 more 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices through the improper validation of the hostname. Some of the pages including dhcp.htm, networkMap.htm, dhcpClient.htm, qsEdit.htm, and qsReview.htm and use this vulnerable hostname function (setDefaultHostname()) without sanitization.