Vulnerabilities > TP Link

DATE CVE VULNERABILITY TITLE RISK
2023-01-11 CVE-2022-4498 Out-of-bounds Write vulnerability in Tp-Link Archer C5 Firmware and Tl-Wr710N Firmware
In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow.
network
low complexity
tp-link CWE-787
critical
9.8
2023-01-11 CVE-2022-4499 Information Exposure Through Discrepancy vulnerability in Tp-Link Archer C5 Firmware and Tl-Wr710N Firmware
TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack.
network
low complexity
tp-link CWE-203
7.5
2022-12-30 CVE-2022-48194 Unrestricted Upload of File with Dangerous Type vulnerability in Tp-Link Tl-Wr902Ac Firmware 3.0.9.1
TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate.
network
low complexity
tp-link CWE-434
8.8
2022-12-20 CVE-2022-46139 Unspecified vulnerability in Tp-Link Tl-Wr940N V4 Firmware
TP-Link TL-WR940N V4 3.16.9 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.
network
low complexity
tp-link
6.5
2022-12-20 CVE-2022-46428 Download of Code Without Integrity Check vulnerability in Tp-Link Tl-Wr1043Nd V1 Firmware
TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.
network
high complexity
tp-link CWE-494
4.8
2022-12-20 CVE-2022-46430 Download of Code Without Integrity Check vulnerability in Tp-Link products
TP-Link TL-WR740N V1 and V2 v3.12.4 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.
network
high complexity
tp-link CWE-494
4.8
2022-12-20 CVE-2022-46432 Unspecified vulnerability in Tp-Link Tl-Wr743Nd V1 Firmware
An exploitable firmware modification vulnerability was discovered on TP-Link TL-WR743ND V1.
network
high complexity
tp-link
7.5
2022-12-20 CVE-2022-46434 Unspecified vulnerability in Tp-Link Tl-Wa7510N V1 Firmware
An issue in the firmware update process of TP-Link TL-WA7510N v1 v3.12.6 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
network
high complexity
tp-link
7.5
2022-12-20 CVE-2022-46435 Unspecified vulnerability in Tp-Link products
An issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 up to 3.12.8 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
network
low complexity
tp-link
8.8
2022-12-20 CVE-2022-46910 Unspecified vulnerability in Tp-Link products
An issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up to v3.12.16 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
network
low complexity
tp-link
8.8