CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-38906
https://notcve.org/view.php?id=CVE-2023-38906
An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo Application 2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message. Un problema en la bombilla inteligente TP Link Tapo serie L530 v.1.0.0 y la aplicación Tapo v.2.8.14 permite a un atacante remoto obtener información confidencial a través del código de autenticación para el mensaje UDP. • https://arxiv.org/abs/2308.09019 https://www.dmi.unict.it/giamp/smartbulbscanbehackedtohackintoyourhousehold https://www.scitepress.org/Papers/2023/120929/120929.pdf https://www.scitepress.org/PublicationsDetail.aspx?ID=X/auBv7JrSo=&t=1 •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2023-39747
https://notcve.org/view.php?id=CVE-2023-39747
TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/17/TP-Link%20WR841N%20wireless%20router%20WlanSecurityRpm%20Stack%20Overflow%20vulnerability.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-31710
https://notcve.org/view.php?id=CVE-2023-31710
TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and AX21(US)_V3.6_1.1.4 Build 20230219 are vulnerable to Buffer Overflow. TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 y AX21(US)_V3.6_1.1.4 Build 20230219 son vulnerables a un desbordamiento de búfer. • https://github.com/xiaobye-ctf/My-CVE/tree/main/TP-Link/CVE-2023-31710 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-30383
https://notcve.org/view.php?id=CVE-2023-30383
TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data. • http://tplink.com https://gist.github.com/a2ure123/a4eda2813d85d8b414bb87e855ab4bf8 https://www.tp-link.com/us/support/download/archer-c2/v1/#Firmware https://www.tp-link.com/us/support/download/archer-c50/v2/#Firmware https://www.tp-link.com/us/support/download/archer-c50/v2/#Firmware%29%2CTPLINK • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.7EPSS: 0%CPEs: 12EXPL: 1CVE-2023-36357
https://notcve.org/view.php?id=CVE-2023-36357
An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET request. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/5/TL-WR941ND_TL-WR940N_TL-WR841N_userRpm_LocalManageControlRpm.md •