Vulnerabilities > TP Link > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-01 CVE-2023-31710 Out-of-bounds Write vulnerability in Tp-Link Archer Ax21 Firmware 3.61.1.4/31.1.4
TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and AX21(US)_V3.6_1.1.4 Build 20230219 are vulnerable to Buffer Overflow.
network
low complexity
tp-link CWE-787
critical
9.8
2023-06-22 CVE-2023-36355 Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr940N Firmware
TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm.
network
low complexity
tp-link CWE-120
critical
9.9
2023-06-16 CVE-2023-34832 Classic Buffer Overflow vulnerability in Tp-Link Archer Ax10 Firmware 230220
TP-Link Archer AX10(EU)_V1.2_230220 was discovered to contain a buffer overflow via the function FUN_131e8 - 0x132B4.
network
low complexity
tp-link CWE-120
critical
9.8
2023-06-13 CVE-2023-29562 Out-of-bounds Write vulnerability in Tp-Link Tl-Wpa7510 Firmware 190125
TP-Link TL-WPA7510 (EU)_V2_190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale.
network
low complexity
tp-link CWE-787
critical
9.8
2023-06-13 CVE-2023-27836 Command Injection vulnerability in Tp-Link Tl-Wpa8630P Firmware 171011
TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the devicePwd parameter in the function sub_ 40A80C.
network
low complexity
tp-link CWE-77
critical
9.8
2023-06-13 CVE-2023-27837 Command Injection vulnerability in Tp-Link Tl-Wpa8630P Firmware 171011
TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the key parameter in the function sub_ 40A774.
network
low complexity
tp-link CWE-77
critical
9.8
2023-03-23 CVE-2023-27078 Command Injection vulnerability in Tp-Link Tl-Mr3020 Firmware 1.0
A command injection issue was found in TP-Link MR3020 v.1_150921 that allows a remote attacker to execute arbitrary commands via a crafted request to the tftp endpoint.
network
low complexity
tp-link CWE-77
critical
9.8
2023-01-17 CVE-2023-22303 Improper Authentication vulnerability in Tp-Link Tl-Sg105Pe Firmware 1.0.0
TP-Link SG105PE firmware prior to 'TL-SG105PE(UN) 1.0_1.0.0 Build 20221208' contains an authentication bypass vulnerability.
network
low complexity
tp-link CWE-287
critical
9.8
2023-01-11 CVE-2022-4498 Out-of-bounds Write vulnerability in Tp-Link Archer C5 Firmware and Tl-Wr710N Firmware
In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow.
network
low complexity
tp-link CWE-787
critical
9.8
2022-09-12 CVE-2022-37860 OS Command Injection vulnerability in Tp-Link M7350 Firmware 190531
The web configuration interface of the TP-Link M7350 V3 with firmware version 190531 is affected by a pre-authentication command injection vulnerability.
network
low complexity
tp-link CWE-78
critical
9.8