Vulnerabilities > TP Link
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-13 | CVE-2021-41653 | Code Injection vulnerability in Tp-Link Tl-Wr840N Firmware The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field. | 9.8 |
| 2021-08-19 | CVE-2021-29280 | Exposure of Resource to Wrong Sphere vulnerability in Tp-Link Tl-Wr840N Firmware In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer overflow | 6.4 |
| 2021-08-11 | CVE-2021-38543 | Unspecified vulnerability in Tp-Link Ue330 Firmware 20210809 TP-Link UE330 USB splitter devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. | 5.9 |
| 2021-06-15 | CVE-2021-28857 | Insufficiently Protected Credentials vulnerability in Tp-Link Tl-Wpa4220 Firmware 4.0.2 TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie. | 7.5 |
| 2021-06-15 | CVE-2021-28858 | Cleartext Storage of Sensitive Information vulnerability in Tp-Link Tl-Wpa4220 Firmware 4.0.2 TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. | 5.5 |
| 2021-06-10 | CVE-2021-31658 | Improper Validation of Array Index vulnerability in Tp-Link Tl-Sg2005 Firmware and Tl-Sg2008 Firmware TP-Link TL-SG2005, TL-SG2008, etc. | 8.1 |
| 2021-06-10 | CVE-2021-31659 | Cross-Site Request Forgery (CSRF) vulnerability in Tp-Link Tl-Sg2005 Firmware and Tl-Sg2008 Firmware TP-Link TL-SG2005, TL-SG2008, etc. | 8.8 |
| 2021-05-14 | CVE-2020-17891 | Cross-site Scripting vulnerability in Tp-Link Archer C1200 Firmware 1.13 TP-Link Archer C1200 firmware version 1.13 Build 2018/01/24 rel.52299 EU has a XSS vulnerability allowing a remote attacker to execute arbitrary code. | 6.1 |
| 2021-04-14 | CVE-2021-27246 | Stack-based Buffer Overflow vulnerability in Tp-Link Ac1750 Firmware 1.0.15 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 1.0.15 routers. | 8.0 |
| 2021-04-14 | CVE-2021-26827 | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr2041+ Firmware Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router. | 7.5 |