Vulnerabilities > TP Link
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-06 | CVE-2023-37284 | Improper Authentication vulnerability in Tp-Link Archer C20 Firmware 150707 Improper authentication vulnerability in Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616' allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command via a crafted request to bypass authentication. | 8.8 |
| 2023-09-06 | CVE-2023-38563 | OS Command Injection vulnerability in Tp-Link Archer C1200 Firmware and Archer C9 Firmware Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. | 8.8 |
| 2023-09-06 | CVE-2023-38568 | OS Command Injection vulnerability in Tp-Link Archer A10 Firmware 230504 Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504' allows a network-adjacent unauthenticated attacker to execute arbitrary OS commands. | 8.8 |
| 2023-09-06 | CVE-2023-38588 | OS Command Injection vulnerability in Tp-Link Archer C3150 Firmware Archer C3150 firmware versions prior to 'Archer C3150(JP)_V2_230511' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-06 | CVE-2023-39224 | OS Command Injection vulnerability in Tp-Link Archer C7 Firmware 180114 Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-06 | CVE-2023-39935 | OS Command Injection vulnerability in Tp-Link Archer C5400 Firmware Archer C5400 firmware versions prior to 'Archer C5400(JP)_V2_230506' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-06 | CVE-2023-40193 | OS Command Injection vulnerability in Tp-Link Deco M4 Firmware Deco M4 firmware versions prior to 'Deco M4(JP)_V2_1.5.8 Build 20230619' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-06 | CVE-2023-40357 | OS Command Injection vulnerability in Tp-Link products Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-09-06 | CVE-2023-40531 | OS Command Injection vulnerability in Tp-Link Archer Ax6000 Firmware Archer AX6000 firmware versions prior to 'Archer AX6000(JP)_V1_1.3.0 Build 20221208' allows a network-adjacent authenticated attacker to execute arbitrary OS commands. | 8.0 |
| 2023-08-22 | CVE-2023-38908 | Unspecified vulnerability in Tp-Link Tapo and Tapo L530E Firmware An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the TSKEP authentication function. low complexity tp-link | 6.5 |