Vulnerabilities > TP Link

DATE CVE VULNERABILITY TITLE RISK
2022-10-18 CVE-2022-41540 Use of Hard-coded Credentials vulnerability in Tp-Link Ax10 Firmware V1211117
The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when communicating with the router.
network
high complexity
tp-link CWE-798
5.9
2022-10-18 CVE-2022-41541 Authentication Bypass by Capture-replay vulnerability in Tp-Link Ax10 Firmware V1211117
TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token.
network
high complexity
tp-link CWE-294
8.1
2022-10-18 CVE-2022-42202 Cross-site Scripting vulnerability in Tp-Link Tl-Wr841N Firmware 4.17.16Build120201Rel.54750N
TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to Cross Site Scripting (XSS).
network
low complexity
tp-link CWE-79
6.1
2022-09-28 CVE-2022-40486 Code Injection vulnerability in Tp-Link Archer Ax10 V1 Firmware 1.3.1
TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel.
network
low complexity
tp-link CWE-94
8.8
2022-09-12 CVE-2022-37860 Command Injection vulnerability in Tp-Link M7350 Firmware 190531
The web configuration interface of the TP-Link M7350 V3 with firmware version 190531 is affected by a pre-authentication command injection vulnerability.
network
low complexity
tp-link CWE-77
critical
9.8
2022-07-07 CVE-2022-32058 Infinite Loop vulnerability in Tp-Link Tl-Wr741N Firmware and Tl-Wr742N Firmware
An infinite loop in the function httpRpmPass of TP-Link TL-WR741N/TL-WR742N V1/V2/V3_130415 allows attackers to cause a Denial of Service (DoS) via a crafted packet.
network
low complexity
tp-link CWE-835
7.8
2022-06-30 CVE-2022-33087 Out-of-bounds Write vulnerability in Tp-Link Archer A5 Firmware and Archer C50 Firmware
A stack overflow in the function DM_ In fillobjbystr() of TP-Link Archer C50&A5(US)_V5_200407 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
network
low complexity
tp-link CWE-787
7.8
2022-06-09 CVE-2022-30075 Unspecified vulnerability in Tp-Link Archer Ax50 Firmware 210730
In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote code execution due to improper validation.
network
low complexity
tp-link
8.8
2022-05-25 CVE-2022-29402 Missing Authentication for Critical Function vulnerability in Tp-Link Tl-Wr840N Firmware
TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console.
local
low complexity
tp-link CWE-306
7.2
2022-05-10 CVE-2022-26987 Out-of-bounds Write vulnerability in multiple products
TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function.
local
low complexity
tp-link mercusys fastcom CWE-787
7.2