Vulnerabilities > TP Link
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-17 | CVE-2019-13614 | Out-of-bounds Write vulnerability in Tp-Link Archer C1200 Firmware 1.0.0 CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | 9.8 |
| 2019-07-17 | CVE-2019-13613 | Out-of-bounds Write vulnerability in Tp-Link Archer C1200 Firmware 1.0.0 CMD_FTEST_CONFIG in the TP-Link Device Debug protocol in TP-Link Wireless Router Archer Router version 1.0.0 Build 20180502 rel.45702 (EU) and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | 9.8 |
| 2019-06-20 | CVE-2018-16119 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wr1043Nd Firmware 3.00 Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm. | 7.2 |
| 2019-06-19 | CVE-2019-6972 | Inadequate Encryption Strength vulnerability in Tp-Link Tl-Wr1043Nd Firmware 2.0 An issue was discovered on TP-Link TL-WR1043ND V2 devices. | 7.5 |
| 2019-06-19 | CVE-2019-6971 | Unspecified vulnerability in Tp-Link Tl-Wr1043Nd Firmware 2.0 An issue was discovered on TP-Link TL-WR1043ND V2 devices. | 9.8 |
| 2019-06-06 | CVE-2019-6989 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wr940N Firmware and Tl-Wr941Nd Firmware TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. | 8.8 |
| 2019-05-24 | CVE-2019-12195 | Cross-site Scripting vulnerability in Tp-Link Tl-Wr840N Firmware 0.9.13.16 TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. | 4.8 |
| 2019-05-15 | CVE-2016-10719 | Cross-site Scripting vulnerability in Tp-Link Archer Cr700 Firmware 1.0.6 TP-Link Archer CR-700 1.0.6 devices have an XSS vulnerability that can be introduced into the admin account through a DHCP request, allowing the attacker to steal the cookie information, which contains the base64 encoded username and password. | 6.1 |
| 2019-04-16 | CVE-2018-18489 | Unspecified vulnerability in Tp-Link Wr840N Firmware 3.16.9 The ping feature in the Diagnostic functionality on TP-LINK WR840N v2 Firmware 3.16.9 Build 150701 Rel.51516n devices allows remote attackers to cause a denial of service (HTTP service termination) by modifying the packet size to be higher than the UI limit of 1472. | 4.9 |
| 2019-03-29 | CVE-2018-15840 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tp-Link Tl-Wr840N Firmware TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated by an "nmap -f" command. | 7.5 |