Vulnerabilities > TP Link > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-29 | CVE-2013-2572 | Use of Hard-coded Credentials vulnerability in Tp-Link products A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files. | 5.0 |
| 2020-01-27 | CVE-2019-19143 | Missing Authentication for Critical Function vulnerability in Tp-Link Tl-Wr849N Firmware 0.9.14.16 TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI. | 6.1 |
| 2019-08-27 | CVE-2019-13268 | Improper Input Validation vulnerability in Tp-Link Archer C2 V1 Firmware and Archer C3200 V1 Firmware TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. | 5.8 |
| 2019-08-27 | CVE-2019-13267 | Unspecified vulnerability in Tp-Link Archer C2 V1 Firmware and Archer C3200 V1 Firmware TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. low complexity tp-link | 5.8 |
| 2019-08-27 | CVE-2019-13266 | Incorrect Resource Transfer Between Spheres vulnerability in Tp-Link Archer C2 V1 Firmware and Archer C3200 V1 Firmware TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. | 5.8 |
| 2019-08-22 | CVE-2019-15060 | OS Command Injection vulnerability in Tp-Link Tl-Wr840N Firmware The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field. | 6.5 |
| 2019-06-19 | CVE-2019-6972 | Inadequate Encryption Strength vulnerability in Tp-Link Tl-Wr1043Nd Firmware 2.0 An issue was discovered on TP-Link TL-WR1043ND V2 devices. | 5.0 |
| 2019-05-15 | CVE-2016-10719 | Cross-site Scripting vulnerability in Tp-Link Archer Cr700 Firmware 1.0.6 TP-Link Archer CR-700 1.0.6 devices have an XSS vulnerability that can be introduced into the admin account through a DHCP request, allowing the attacker to steal the cookie information, which contains the base64 encoded username and password. | 4.3 |
| 2019-04-16 | CVE-2018-18489 | Unspecified vulnerability in Tp-Link Wr840N Firmware 3.16.9 The ping feature in the Diagnostic functionality on TP-LINK WR840N v2 Firmware 3.16.9 Build 150701 Rel.51516n devices allows remote attackers to cause a denial of service (HTTP service termination) by modifying the packet size to be higher than the UI limit of 1472. | 6.8 |
| 2019-03-29 | CVE-2018-15840 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tp-Link Tl-Wr840N Firmware TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated by an "nmap -f" command. | 5.0 |