Vulnerabilities > TP Link > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2021-44632 | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr886N Firmware 201908262.3.8 A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/upgrade_info feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | 10.0 |
| 2022-03-10 | CVE-2021-4045 | Command Injection vulnerability in Tp-Link Tapo C200 Firmware TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. | 9.8 |
| 2022-03-04 | CVE-2021-44827 | OS Command Injection vulnerability in Tp-Link Archer C20I Firmware There is remote authenticated OS command injection on TP-Link Archer C20i 0.9.1 3.2 v003a.0 Build 170221 Rel.55462n devices vie the X_TP_ExternalIPv6Address HTTP parameter, allowing a remote attacker to run arbitrary commands on the router with root privileges. | 9.0 |
| 2022-02-25 | CVE-2022-25060 | OS Command Injection vulnerability in Tp-Link Tl-Wr840N Firmware 6.20180709 TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing. | 9.8 |
| 2022-02-25 | CVE-2022-25061 | OS Command Injection vulnerability in Tp-Link Tl-Wr840N Firmware 6.20180709 TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute. | 9.8 |
| 2022-02-25 | CVE-2022-25064 | OS Command Injection vulnerability in Tp-Link Tl-Wr840N Firmware 6.20180709 TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr. | 9.8 |
| 2022-02-24 | CVE-2022-25072 | Out-of-bounds Write vulnerability in Tp-Link Archer A54 Firmware 210111 TP-Link Archer A54 Archer A54(US)_V1_210111 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr(). | 10.0 |
| 2022-02-24 | CVE-2022-25073 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.18 TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). | 10.0 |
| 2022-02-24 | CVE-2022-25074 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wr902Ac Firmware 191209 TP-Link TL-WR902AC(US)_V3_191209 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr(). | 10.0 |
| 2022-02-18 | CVE-2022-22922 | Use of Insufficiently Random Values vulnerability in Tp-Link Tl-Wa850Re Firmware TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges. | 9.8 |