CVSS: 7.7EPSS: 0%CPEs: 14EXPL: 1CVE-2023-36358
https://notcve.org/view.php?id=CVE-2023-36358
22 Jun 2023 — TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/6/TL-WR940N_WR941ND_WR743ND_WR841N_userRpm_AccessCtrlAccessTargetsRpm.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 3CVE-2023-36355 – TP-Link TL-WR940N V4 - Buffer OverFlow
https://notcve.org/view.php?id=CVE-2023-36355
22 Jun 2023 — TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. TP-Link TL-WR940N version 4 suffers from a buffer overflow vulnerability. • https://packetstorm.news/files/id/173294 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 2CVE-2023-34832 – TP-Link Archer AX10(EU)_V1.2_230220 Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-34832
16 Jun 2023 — TP-Link Archer AX10(EU)_V1.2_230220 was discovered to contain a buffer overflow via the function FUN_131e8 - 0x132B4. TP-Link Archer version AX10(EU)_V1.2_230220 suffers from a buffer overflow vulnerability. • http://archer.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-29562
https://notcve.org/view.php?id=CVE-2023-29562
13 Jun 2023 — TP-Link TL-WPA7510 (EU)_V2_190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale. • https://github.com/lzd521/IOT/tree/main/TP-Link%20WPA7510 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 1CVE-2023-27836
https://notcve.org/view.php?id=CVE-2023-27836
13 Jun 2023 — TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the devicePwd parameter in the function sub_ 40A80C. • https://github.com/lzd521/IOT/tree/main/TP-Link%20WPA8630P%202 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2023-27837
https://notcve.org/view.php?id=CVE-2023-27837
13 Jun 2023 — TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the key parameter in the function sub_ 40A774. • https://github.com/lzd521/IOT/tree/main/TP-Link%20WPA8630P • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28478
https://notcve.org/view.php?id=CVE-2023-28478
12 Jun 2023 — TP-Link EC-70 devices through 2.3.4 Build 20220902 rel.69498 have a Buffer Overflow. • https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0006.md • CWE-787: Out-of-bounds Write •
CVSS: 8.5EPSS: 0%CPEs: 9EXPL: 1CVE-2023-33537
https://notcve.org/view.php?id=CVE-2023-33537
07 Jun 2023 — TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/1/TL-WR940N_TL-WR841N_TL-WR740N_userRpm_FixMapCfgRpm.md • CWE-125: Out-of-bounds Read •
CVSS: 8.5EPSS: 0%CPEs: 9EXPL: 1CVE-2023-33536
https://notcve.org/view.php?id=CVE-2023-33536
07 Jun 2023 — TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/2/TL-WR940N_TL-WR841N_TL-WR740N_userRpm_WlanMacFilterRpm.md • CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 0%CPEs: 9EXPL: 1CVE-2023-33538
https://notcve.org/view.php?id=CVE-2023-33538
07 Jun 2023 — TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm . Se ha descubierto que TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, y TL-WR740N V1/V2 contienen una vulnerabilidad de inyección de comandos en el componente /userRpm/WlanNetworkRpm. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/3/TL-WR940N_TL-WR841N_userRpm_WlanNetworkRpm_Command_Injection.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •