Vulnerabilities > TP Link > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-19 | CVE-2019-6972 | Inadequate Encryption Strength vulnerability in Tp-Link Tl-Wr1043Nd Firmware 2.0 An issue was discovered on TP-Link TL-WR1043ND V2 devices. | 7.5 |
| 2019-06-06 | CVE-2019-6989 | Out-of-bounds Write vulnerability in Tp-Link Tl-Wr940N Firmware and Tl-Wr941Nd Firmware TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. | 8.8 |
| 2019-03-29 | CVE-2018-15840 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tp-Link Tl-Wr840N Firmware TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated by an "nmap -f" command. | 7.5 |
| 2019-01-18 | CVE-2019-6487 | OS Command Injection vulnerability in Tp-Link products TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field. | 8.8 |
| 2018-12-01 | CVE-2018-3951 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tp-Link Tl-R600Vpn Firmware An exploitable remote code execution vulnerability exists in the HTTP header-parsing function of the TP-Link TL-R600VPN HTTP Server. | 7.2 |
| 2018-12-01 | CVE-2018-3950 | Out-of-bounds Write vulnerability in Tp-Link Tl-R600Vpn Firmware 1.2.3/1.3.0 An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. | 8.8 |
| 2018-12-01 | CVE-2018-3949 | Path Traversal vulnerability in Tp-Link Tl-R600Vpn Firmware 1.2.3/1.3.0 An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. | 7.5 |
| 2018-11-30 | CVE-2018-3948 | Improper Input Validation vulnerability in Tp-Link Tl-R600Vpn Firmware 1.2.3/1.3.0 An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. | 7.5 |
| 2018-11-26 | CVE-2018-19537 | Unrestricted Upload of File with Dangerous Type vulnerability in Tp-Link Archer C5 Firmware 2160201Us TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. | 7.2 |
| 2018-10-19 | CVE-2018-18428 | Information Exposure vulnerability in Tp-Link Tl-Sc3130 Firmware 1.6.18P12121101 TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI. | 7.5 |