Vulnerabilities > TP Link > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-10-24 CVE-2019-13650 OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5).
network
low complexity
tp-link CWE-78
critical
9.8
2019-10-24 CVE-2019-13649 OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5).
network
low complexity
tp-link CWE-78
critical
9.8
2019-08-14 CVE-2019-12103 OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16/151021/160330
The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability.
network
low complexity
tp-link CWE-78
critical
9.8
2019-07-17 CVE-2019-13614 Out-of-bounds Write vulnerability in Tp-Link Archer C1200 Firmware 1.0.0
CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server.
network
low complexity
tp-link CWE-787
critical
9.8
2019-07-17 CVE-2019-13613 Out-of-bounds Write vulnerability in Tp-Link Archer C1200 Firmware 1.0.0
CMD_FTEST_CONFIG in the TP-Link Device Debug protocol in TP-Link Wireless Router Archer Router version 1.0.0 Build 20180502 rel.45702 (EU) and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server.
network
low complexity
tp-link CWE-787
critical
9.8
2019-06-19 CVE-2019-6971 Unspecified vulnerability in Tp-Link Tl-Wr1043Nd Firmware 2.0
An issue was discovered on TP-Link TL-WR1043ND V2 devices.
network
low complexity
tp-link
critical
9.8
2018-11-26 CVE-2018-19528 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tp-Link Tl-Wr886N Firmware 7.0.1.1.0
TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp.
network
low complexity
tp-link CWE-119
critical
9.8
2018-09-28 CVE-2018-5393 Missing Authentication for Critical Function vulnerability in Tp-Link EAP Controller
The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices.
network
low complexity
tp-link CWE-306
critical
9.8
2018-07-02 CVE-2018-12575 Improper Authentication vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16
On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.
network
low complexity
tp-link CWE-287
critical
9.8
2018-06-04 CVE-2018-11714 Session Fixation vulnerability in Tp-Link Tl-Wr840N Firmware and Tl-Wr841N Firmware
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices.
network
low complexity
tp-link CWE-384
critical
9.8