Vulnerabilities > TP Link

DATE CVE VULNERABILITY TITLE RISK
2023-09-06 CVE-2023-39224 OS Command Injection vulnerability in Tp-Link Archer C7 Firmware 180114
Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands.
low complexity
tp-link CWE-78
8.0
2023-09-06 CVE-2023-39935 OS Command Injection vulnerability in Tp-Link Archer C5400 Firmware
Archer C5400 firmware versions prior to 'Archer C5400(JP)_V2_230506' allows a network-adjacent authenticated attacker to execute arbitrary OS commands.
low complexity
tp-link CWE-78
8.0
2023-09-06 CVE-2023-40193 OS Command Injection vulnerability in Tp-Link Deco M4 Firmware
Deco M4 firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619' allows a network-adjacent authenticated attacker to execute arbitrary OS commands.
low complexity
tp-link CWE-78
8.0
2023-09-06 CVE-2023-40357 OS Command Injection vulnerability in Tp-Link products
Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands.
low complexity
tp-link CWE-78
8.0
2023-09-06 CVE-2023-40531 OS Command Injection vulnerability in Tp-Link Archer Ax6000 Firmware
Archer AX6000 firmware versions prior to 'Archer AX6000(JP)_V1_1.3.0 Build 20221208' allows a network-adjacent authenticated attacker to execute arbitrary OS commands.
low complexity
tp-link CWE-78
8.0
2023-08-22 CVE-2023-38908 Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware
An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the TSKEP authentication function.
low complexity
tp-link
6.5
2023-08-22 CVE-2023-38909 Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware
An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function.
low complexity
tp-link
6.5
2023-08-22 CVE-2023-38906 Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware
An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message.
low complexity
tp-link
6.5
2023-08-21 CVE-2023-39745 Classic Buffer Overflow vulnerability in Tp-Link products
TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm.
network
low complexity
tp-link CWE-120
7.5
2023-08-21 CVE-2023-39747 Classic Buffer Overflow vulnerability in Tp-Link products
TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm.
network
low complexity
tp-link CWE-120
critical
9.8