Vulnerabilities > TP Link > TL Wr902Ac Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-06 CVE-2023-36489 OS Command Injection vulnerability in Tp-Link products
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands.
low complexity
tp-link CWE-78
8.8
2022-12-30 CVE-2022-48194 Unrestricted Upload of File with Dangerous Type vulnerability in Tp-Link Tl-Wr902Ac Firmware 3.0.9.1
TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate.
network
low complexity
tp-link CWE-434
8.8