CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27359 – TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability
https://notcve.org/view.php?id=CVE-2023-27359
24 Apr 2023 — TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability. This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling that allows an attacker access to resources that should be available to the LAN interface only. • https://www.zerodayinitiative.com/advisories/ZDI-23-452 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28368
https://notcve.org/view.php?id=CVE-2023-28368
11 Apr 2023 — TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQ(UN)_V1_1.0.6 Build 20230227' uses vulnerable SSH host keys. A fake device may be prepared to spoof the affected device with the vulnerable host key.If the administrator may be tricked to login to the fake device, the credential information for the affected device may be obtained. • https://jvn.jp/en/jp/JVN62420378 • CWE-1391: Use of Weak Credentials •
CVSS: 7.8EPSS: 2%CPEs: 2EXPL: 3CVE-2022-37255 – Tapo C310 RTSP server v1.3.0 - Unauthorised Video Stream Access
https://notcve.org/view.php?id=CVE-2022-37255
28 Mar 2023 — TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User --- and Password TPL075526460603. Tapo C310 RTSP server version 1.3.0 suffers from an unauthorized video stream access vulnerability. • https://packetstorm.news/files/id/171540 • CWE-798: Use of Hard-coded Credentials •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-27078
https://notcve.org/view.php?id=CVE-2023-27078
23 Mar 2023 — A command injection issue was found in TP-Link MR3020 v.1_150921 that allows a remote attacker to execute arbitrary commands via a crafted request to the tftp endpoint. • https://github.com/B2eFly/Router/blob/main/TPLINK/MR3020/1.md • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 10%CPEs: 2EXPL: 6CVE-2023-1389 – TP-Link Archer AX-21 Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-1389
15 Mar 2023 — TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request. This vulnerability allows network-adjacent attackers to execute arb... • https://packetstorm.news/files/id/174131 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27332 – TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27332
15 Mar 2023 — TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the logging functionality of the tdpServer program, which listens on UDP port 20002. The issue results from the lack of proper validation of the length of user-supplied data prio... • https://www.zerodayinitiative.com/advisories/ZDI-23-245 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27333 – TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27333
15 Mar 2023 — TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of command 0x422 provided to the tmpServer service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to... • https://www.zerodayinitiative.com/advisories/ZDI-23-244 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23040
https://notcve.org/view.php?id=CVE-2023-23040
22 Feb 2023 — TP-Link router TL-WR940N V6 3.19.1 Build 180119 uses a deprecated MD5 algorithm to hash the admin password used for basic authentication. • https://midist0xf.medium.com/tl-wr940n-uses-weak-md5-hashing-algorithm-ae7b589860d2 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-0936 – TP-Link Archer C50 Web Management Interface denial of service
https://notcve.org/view.php?id=CVE-2023-0936
21 Feb 2023 — A vulnerability was found in TP-Link Archer C50 V2_160801. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation leads to denial of service. The attack can only be initiated within the local network. • https://vuldb.com/?ctiid.221552 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 1CVE-2022-41505
https://notcve.org/view.php?id=CVE-2022-41505
23 Jan 2023 — An access control issue on TP-LInk Tapo C200 V1 devices allows physically proximate attackers to obtain root access by connecting to the UART pins, interrupting the boot process, and setting an init=/bin/sh value. • https://github.com/hemant70072/Access-control-issue-in-TP-Link-Tapo-C200-V1. •