Vulnerabilities > TP Link > TL Wr902Ac Firmware

DATE CVE VULNERABILITY TITLE RISK
2023-09-06 CVE-2023-36489 OS Command Injection vulnerability in Tp-Link products
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands.
low complexity
tp-link CWE-78
8.8
2022-12-30 CVE-2022-48194 Unrestricted Upload of File with Dangerous Type vulnerability in Tp-Link Tl-Wr902Ac Firmware 3.0.9.1
TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate.
network
low complexity
tp-link CWE-434
8.8
2022-02-24 CVE-2022-25074 Out-of-bounds Write vulnerability in Tp-Link Tl-Wr902Ac Firmware 191209
TP-Link TL-WR902AC(US)_V3_191209 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr().
network
low complexity
tp-link CWE-787
critical
9.8