Vulnerabilities > TP Link
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-08 | CVE-2021-44864 | Classic Buffer Overflow vulnerability in Tp-Link Wn886N Firmware 1.0.1 TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. | 4.0 |
| 2022-01-21 | CVE-2021-35003 | Stack-based Buffer Overflow vulnerability in Tp-Link Archer C90 Firmware 1.0.6 This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer C90 1.0.6 Build 20200114 rel.73164(5553) routers. | 10.0 |
| 2022-01-21 | CVE-2021-35004 | Stack-based Buffer Overflow vulnerability in Tp-Link Tl-Wa1201 Firmware 1.0.1 This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link TL-WA1201 1.0.1 Build 20200709 rel.66244(5553) wireless access points. | 10.0 |
| 2021-12-23 | CVE-2021-4144 | OS Command Injection vulnerability in Tp-Link Tl-Wr802N Firmware TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS command injection. | 6.5 |
| 2021-12-17 | CVE-2021-41451 | HTTP Request Smuggling vulnerability in Tp-Link Archer Ax10 Firmware 230220/230508 A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack. | 7.5 |
| 2021-12-08 | CVE-2021-41450 | HTTP Request Smuggling vulnerability in Tp-Link Archer Ax10 V1 Firmware 1.3.1/210809/211014 An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet. | 7.5 |
| 2021-12-07 | CVE-2021-40288 | Authentication Bypass by Spoofing vulnerability in Tp-Link Archer Ax10 Firmware A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames | 7.5 |
| 2021-11-13 | CVE-2021-41653 | Code Injection vulnerability in Tp-Link Tl-Wr840N Firmware The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field. | 10.0 |
| 2021-08-19 | CVE-2021-29280 | Exposure of Resource to Wrong Sphere vulnerability in Tp-Link Tl-Wr840N Firmware In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer overflow | 4.3 |
| 2021-08-11 | CVE-2021-38543 | Unspecified vulnerability in Tp-Link Ue330 Firmware TP-Link UE330 USB splitter devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. network tp-link | 4.3 |