Vulnerabilities > TP Link > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2021-44631 Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr886N Firmware 201908262.3.8
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/reset_cloud_pwd feature, which allows malicous users to execute arbitrary code on the system via a crafted post request.
network
low complexity
tp-link CWE-120
critical
9.8
2022-03-10 CVE-2021-44632 Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr886N Firmware 201908262.3.8
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/upgrade_info feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.
network
low complexity
tp-link CWE-120
critical
9.8
2022-03-10 CVE-2021-4045 Command Injection vulnerability in Tp-Link Tapo C200 Firmware
TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root.
network
low complexity
tp-link CWE-77
critical
9.8
2022-02-25 CVE-2022-25060 OS Command Injection vulnerability in Tp-Link Tl-Wr840N Firmware 6.20180709
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing.
network
low complexity
tp-link CWE-78
critical
9.8
2022-02-25 CVE-2022-25061 OS Command Injection vulnerability in Tp-Link Tl-Wr840N Firmware 6.20180709
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute.
network
low complexity
tp-link CWE-78
critical
9.8
2022-02-25 CVE-2022-25064 OS Command Injection vulnerability in Tp-Link Tl-Wr840N Firmware 6.20180709
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr.
network
low complexity
tp-link CWE-78
critical
9.8
2022-02-24 CVE-2022-25072 Out-of-bounds Write vulnerability in Tp-Link Archer A54 Firmware 210111
TP-Link Archer A54 Archer A54(US)_V1_210111 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr().
network
low complexity
tp-link CWE-787
critical
9.8
2022-02-24 CVE-2022-25073 Out-of-bounds Write vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.18
TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr().
network
low complexity
tp-link CWE-787
critical
9.8
2022-02-24 CVE-2022-25074 Out-of-bounds Write vulnerability in Tp-Link Tl-Wr902Ac Firmware 191209
TP-Link TL-WR902AC(US)_V3_191209 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr().
network
low complexity
tp-link CWE-787
critical
9.8
2022-02-18 CVE-2022-22922 Use of Insufficiently Random Values vulnerability in Tp-Link Tl-Wa850Re Firmware
TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges.
network
low complexity
tp-link CWE-330
critical
9.8