Vulnerabilities > TP Link
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-10 | CVE-2021-31659 | Cross-Site Request Forgery (CSRF) vulnerability in Tp-Link Tl-Sg2005 Firmware and Tl-Sg2008 Firmware TP-Link TL-SG2005, TL-SG2008, etc. | 8.8 |
| 2021-05-14 | CVE-2020-17891 | Cross-site Scripting vulnerability in Tp-Link Archer C1200 Firmware 1.13 TP-Link Archer C1200 firmware version 1.13 Build 2018/01/24 rel.52299 EU has a XSS vulnerability allowing a remote attacker to execute arbitrary code. | 6.1 |
| 2021-04-14 | CVE-2021-27246 | Unspecified vulnerability in Tp-Link Ac1750 Firmware 1.0.15 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 1.0.15 routers. low complexity tp-link | 8.0 |
| 2021-04-14 | CVE-2021-26827 | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr2041+ Firmware Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router. | 7.5 |
| 2021-04-12 | CVE-2021-3125 | Excessive Iteration vulnerability in Tp-Link products In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL-XDR6060 Turbo < 1.1.8, TL-XDR5430 < 1.0.11, and possibly others, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. | 7.5 |
| 2021-04-12 | CVE-2021-29302 | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr802N Firmware TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. | 8.1 |
| 2021-03-29 | CVE-2021-27245 | Unspecified vulnerability in Tp-Link Archer A7 Firmware 200721/210519 This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior to Archer C7(US)_V5_210125 and Archer A7(US)_V5_200220 AC1750 routers. | 8.1 |
| 2021-03-26 | CVE-2021-3275 | Cross-site Scripting vulnerability in Tp-Link products Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices through the improper validation of the hostname. | 6.1 |
| 2021-02-13 | CVE-2021-27210 | Cleartext Storage of Sensitive Information vulnerability in Tp-Link Archer C5V Firmware 1.7181221 TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials via [USER_CFG#0,0,0,0,0,0#0,0,0,0,0,0]0,0 to the /cgi?1&5 URI. | 6.5 |
| 2021-02-13 | CVE-2021-27209 | Cleartext Transmission of Sensitive Information vulnerability in Tp-Link Archer C5V Firmware 1.7181221 In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a base64 format over cleartext HTTP. | 7.1 |