Vulnerabilities > TP Link > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-22 | CVE-2023-36355 | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr940N Firmware TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. | 9.9 |
| 2023-06-16 | CVE-2023-34832 | Classic Buffer Overflow vulnerability in Tp-Link Archer Ax10 Firmware 230220 TP-Link Archer AX10(EU)_V1.2_230220 was discovered to contain a buffer overflow via the function FUN_131e8 - 0x132B4. | 9.8 |
| 2023-06-13 | CVE-2023-29562 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wpa7510 Firmware 190125 TP-Link TL-WPA7510 (EU)_V2_190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale. | 9.8 |
| 2023-06-13 | CVE-2023-27836 | Command Injection vulnerability in Tp-Link Tl-Wpa8630P Firmware 171011 TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the devicePwd parameter in the function sub_ 40A80C. | 9.8 |
| 2023-06-13 | CVE-2023-27837 | Command Injection vulnerability in Tp-Link Tl-Wpa8630P Firmware 171011 TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the key parameter in the function sub_ 40A774. | 9.8 |
| 2023-03-23 | CVE-2023-27078 | Command Injection vulnerability in Tp-Link Tl-Mr3020 Firmware 1.0 A command injection issue was found in TP-Link MR3020 v.1_150921 that allows a remote attacker to execute arbitrary commands via a crafted request to the tftp endpoint. | 9.8 |
| 2023-01-17 | CVE-2023-22303 | Improper Authentication vulnerability in Tp-Link Tl-Sg105Pe Firmware 1.0.0 TP-Link SG105PE firmware prior to 'TL-SG105PE(UN) 1.0_1.0.0 Build 20221208' contains an authentication bypass vulnerability. | 9.8 |
| 2023-01-11 | CVE-2022-4498 | Out-of-bounds Write vulnerability in Tp-Link Archer C5 Firmware and Tl-Wr710N Firmware In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. | 9.8 |
| 2022-09-12 | CVE-2022-37860 | OS Command Injection vulnerability in Tp-Link M7350 Firmware 190531 The web configuration interface of the TP-Link M7350 V3 with firmware version 190531 is affected by a pre-authentication command injection vulnerability. | 9.8 |
| 2022-08-23 | CVE-2021-42232 | OS Command Injection vulnerability in Tp-Link Archer A7 Firmware 210519 TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command injection vulnerability in /usr/bin/tddp. | 9.8 |