Vulnerabilities > TP Link > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-09 | CVE-2022-30075 | Unspecified vulnerability in Tp-Link Archer Ax50 Firmware 210730 In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote code execution due to improper validation. | 8.8 |
2022-05-10 | CVE-2022-26987 | Out-of-bounds Write vulnerability in multiple products TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. | 7.8 |
2022-05-10 | CVE-2022-26988 | Out-of-bounds Write vulnerability in multiple products TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. | 7.8 |
2022-04-18 | CVE-2021-46122 | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr840N Firmware 0.9.14.17V0001.0 Tp-Link TL-WR840N (EU) v6.20 Firmware (0.9.1 4.17 v0001.0 Build 201124 Rel.64328n) is vulnerable to Buffer Overflow via the Password reset feature. | 7.2 |
2022-03-28 | CVE-2022-26639 | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr840N Firmware 0.9.1.4.16 TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter. | 7.2 |
2022-03-28 | CVE-2022-26640 | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr840N Firmware 0.9.1.4.16 TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter. | 7.2 |
2022-03-28 | CVE-2022-26641 | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr840N Firmware 0.9.1.4.16 TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter. | 7.2 |
2022-03-28 | CVE-2022-26642 | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wr840N Firmware 0.9.1.4.16 TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter. | 7.2 |
2022-03-10 | CVE-2021-44032 | Unspecified vulnerability in Tp-Link Omada Software Controller TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method specified in a connection request is allowed. | 7.5 |
2022-03-04 | CVE-2021-44827 | OS Command Injection vulnerability in Tp-Link Archer C20I Firmware There is remote authenticated OS command injection on TP-Link Archer C20i 0.9.1 3.2 v003a.0 Build 170221 Rel.55462n devices vie the X_TP_ExternalIPv6Address HTTP parameter, allowing a remote attacker to run arbitrary commands on the router with root privileges. | 8.8 |