Vulnerabilities > TP Link > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-24 | CVE-2019-13649 | OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16 TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5). | 9.8 |
| 2019-08-14 | CVE-2019-12103 | OS Command Injection vulnerability in Tp-Link M7350 Firmware 1.0.16/151021/160330 The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is affected by a pre-authentication command injection vulnerability. | 9.8 |
| 2019-07-17 | CVE-2019-13614 | Out-of-bounds Write vulnerability in Tp-Link Archer C1200 Firmware 1.0.0 CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | 9.8 |
| 2019-07-17 | CVE-2019-13613 | Out-of-bounds Write vulnerability in Tp-Link Archer C1200 Firmware 1.0.0 CMD_FTEST_CONFIG in the TP-Link Device Debug protocol in TP-Link Wireless Router Archer Router version 1.0.0 Build 20180502 rel.45702 (EU) and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server. | 9.8 |
| 2019-06-19 | CVE-2019-6971 | Unspecified vulnerability in Tp-Link Tl-Wr1043Nd Firmware 2.0 An issue was discovered on TP-Link TL-WR1043ND V2 devices. | 9.8 |
| 2018-11-26 | CVE-2018-19528 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tp-Link Tl-Wr886N Firmware 7.0.1.1.0 TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp. | 9.8 |
| 2018-09-28 | CVE-2018-5393 | Missing Authentication for Critical Function vulnerability in Tp-Link EAP Controller The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. | 9.8 |
| 2018-07-02 | CVE-2018-12575 | Improper Authentication vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16 On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request. | 9.8 |
| 2018-06-04 | CVE-2018-11714 | Session Fixation vulnerability in Tp-Link Tl-Wr840N Firmware and Tl-Wr841N Firmware An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. | 9.8 |
| 2018-05-30 | CVE-2018-11482 | Use of Hard-coded Credentials vulnerability in Tp-Link products /usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices has a hardcoded zMiVw8Kw0oxKXL0 password. | 9.8 |