CVE-2021-41653
https://notcve.org/view.php?id=CVE-2021-41653
The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field. La función PING en el router TP-Link TL-WR840N EU versión v5 con firmware hasta TL-WR840N(EU)_V5_171211, es vulnerable a una ejecución de código remota por medio de una carga útil diseñada en un campo de entrada de dirección IP • https://github.com/likeww/CVE-2021-41653 http://tp-link.com https://k4m1ll0.com/cve-2021-41653.html https://www.tp-link.com/us/press/security-advisory • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2019-15060
https://notcve.org/view.php?id=CVE-2019-15060
The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field. La función traceroute en el enrutador TP-Link TL-WR840N versión v4 con firmware hasta 0.9.1 3.16, es vulnerable a la ejecución de código remota por medio de una carga útil especialmente diseñada en un campo de entrada de dirección IP. • https://twitter.com/rapt00rvf https://vitor-fernandes.github.io/First-CVE • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2018-15172 – TP-Link WR840N 0.9.1 3.16 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2018-15172
TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header. Los dispositivos TP-Link WR840N tienen un desbordamiento de búfer mediante una cabecera HTTP Authorization grande.. TP-Link Wireless N Router WR840N suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/45203 https://hackingvila.wordpress.com/2018/08/08/tp-link-buffer-overflow-via-a-long-authorization-http-header-cve-2018-15172 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •