CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 2CVE-2023-36355 – TP-Link TL-WR940N V4 - Buffer OverFlow
https://notcve.org/view.php?id=CVE-2023-36355
TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. TP-Link TL-WR940N version 4 suffers from a buffer overflow vulnerability. • https://www.exploit-db.com/exploits/51561 http://packetstormsecurity.com/files/173294/TP-Link-TL-WR940N-4-Buffer-Overflow.html https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/9/TP-Link%20TL-WR940N%20wireless%20router%20userRpmWanDynamicIpV6CfgRpm%20buffer%20write%20out-of-bounds%20vulnerability.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 2CVE-2023-34832
https://notcve.org/view.php?id=CVE-2023-34832
TP-Link Archer AX10(EU)_V1.2_230220 was discovered to contain a buffer overflow via the function FUN_131e8 - 0x132B4. • http://archer.com http://packetstormsecurity.com/files/172989/TP-Link-Archer-AX10-EU-_V1.2_230220-Buffer-Overflow.html http://tp-link.com https://gist.github.com/jhacker91/2026e080a42514255e758d64b465d1d5 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 1CVE-2023-27836
https://notcve.org/view.php?id=CVE-2023-27836
TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the devicePwd parameter in the function sub_ 40A80C. • https://github.com/lzd521/IOT/tree/main/TP-Link%20WPA8630P%202 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 1CVE-2023-27837
https://notcve.org/view.php?id=CVE-2023-27837
TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the key parameter in the function sub_ 40A774. • https://github.com/lzd521/IOT/tree/main/TP-Link%20WPA8630P • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-29562
https://notcve.org/view.php?id=CVE-2023-29562
TP-Link TL-WPA7510 (EU)_V2_190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale. • https://github.com/lzd521/IOT/tree/main/TP-Link%20WPA7510 • CWE-787: Out-of-bounds Write •