Vulnerabilities > TP Link
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-46536 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wr886N Firmware 3.0.14 TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function chkRegVeriRegister. | 9.8 |
| 2023-10-25 | CVE-2023-46537 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wr886N Firmware 3.0.14 TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function getRegVeriRegister. | 9.8 |
| 2023-10-25 | CVE-2023-46538 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wr886N Firmware 3.0.14 TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function chkResetVeriRegister. | 9.8 |
| 2023-10-25 | CVE-2023-46539 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wr886N Firmware 3.0.14 TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin was discovered to contain a stack overflow via the function registerRequestHandle. | 9.8 |
| 2023-10-10 | CVE-2023-42189 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 , Nanoleaf Light strip v.3.5.10, Govee LED Strip v.3.00.42, switchBot Hub2 v.1.0-0.8, Phillips hue hub v.1.59.1959097030, and yeelight smart lamp v.1.12.69 allows a remote attacker to cause a denial of service via a crafted script to the KeySetRemove function. | 7.5 |
| 2023-09-25 | CVE-2023-38907 | Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to replay old messages encrypted with a still valid session key. | 7.5 |
| 2023-09-20 | CVE-2023-43135 | Missing Authorization vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0 There is an unauthorized access vulnerability in TP-LINK ER5120G 4.0 2.0.0 Build 210817 Rel.80868n, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management. | 9.8 |
| 2023-09-20 | CVE-2023-43137 | Command Injection vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0 TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds ACL rules after authentication, and the rule name parameter has injection points. | 8.8 |
| 2023-09-20 | CVE-2023-43138 | Command Injection vulnerability in Tp-Link Tl-Er5120G Firmware 2.0.0 TPLINK TL-ER5120G 4.0 2.0.0 Build 210817 Rel.80868n has a command injection vulnerability, when an attacker adds NAPT rules after authentication, and the rule name has an injection point. | 8.8 |
| 2023-09-06 | CVE-2023-31188 | OS Command Injection vulnerability in Tp-Link Archer C50 V3 Firmware and Archer C55 Firmware Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |