CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-43636 – TP-Link TL-WR940N httpd Use of Insufficiently Random Values Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-43636
21 Nov 2022 — This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N 6_211111 3.20.1(US) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of sufficient randomness in the sequnce numbers used for session managment. An attacker can leverage this vulnerability to bypass authentication on the system. • https://www.zerodayinitiative.com/advisories/ZDI-22-1614 • CWE-330: Use of Insufficiently Random Values •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-42433 – TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-42433
25 Oct 2022 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N TL-WR841N(US)_V14_220121 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ated_tp service. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute c... • https://www.zerodayinitiative.com/advisories/ZDI-22-1466 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 1CVE-2022-41541
https://notcve.org/view.php?id=CVE-2022-41541
18 Oct 2022 — TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. Attackers are able to login to the web application as an admin user. TP-Link AX10v1 versión V1_211117, permite a atacantes ejecutar un ataque de repetición al usar un mensaje de autenticación encriptado previamente transmitido y un token de autenticación válido. Los atacantes son capaces de iniciar sesión en la aplicación web como un usuario ... • https://github.com/efchatz/easy-exploits/tree/main/Web/TP-Link/Replay • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 2CVE-2022-41540
https://notcve.org/view.php?id=CVE-2022-41540
18 Oct 2022 — The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when communicating with the router. Attackers who are able to intercept the communications between the web client and router through a man-in-the-middle attack can then obtain the sequence key via a brute-force attack, and access sensitive information. El cliente de la aplicación web de TP-Link AX10v1 versión V1_211117, usa claves criptográficas embebidas cuando es comunicado con el router. Los atacantes que son capaces de int... • https://github.com/efchatz/easy-exploits • CWE-798: Use of Hard-coded Credentials •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 1CVE-2022-42202
https://notcve.org/view.php?id=CVE-2022-42202
18 Oct 2022 — TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to Cross Site Scripting (XSS). TP-Link TL-WR841N versión 8.0 4.17.16 Build 120201 Rel.54750n, es vulnerable a un ataque de tipo Cross Site Scripting (XSS) • https://www.yuque.com/docs/share/b85b8c6f-60ea-4d5c-acc5-3c4285806328 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-40486
https://notcve.org/view.php?id=CVE-2022-40486
28 Sep 2022 — TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 57450(5553) was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file. Se ha detectado que el firmware de TP Link Archer AX10 versión V1, versión 1.3.1 Build 20220401 Rel. 57450(5553), permitía a atacantes autenticados ejecutar código arbitrario por medio de un archivo de copia de seguridad diseñado • https://github.com/gscamelo/TP-Link-Archer-AX10-V1/blob/main/README.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-37860
https://notcve.org/view.php?id=CVE-2022-37860
12 Sep 2022 — The web configuration interface of the TP-Link M7350 V3 with firmware version 190531 is affected by a pre-authentication command injection vulnerability. La interfaz de configuración web del TP-Link M7350 versión V3, con la versión de firmware 190531, está afectada por una vulnerabilidad de inyección de comandos de preautenticación • https://www.tp-link.com/uk/support/download/m7350/v3/#Firmware • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2021-42232
https://notcve.org/view.php?id=CVE-2021-42232
23 Aug 2022 — TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command injection vulnerability in /usr/bin/tddp. The vulnerability is caused by the program taking part of the received data packet as part of the command. This will cause an attacker to execute arbitrary commands on the router. TP-Link Archer A7 Archer versión A7(US)_V5_210519, está afectado por una vulnerabilidad de inyección de comandos en /usr/bin/tddp. La vulnerabilidad es causada por el programa que toma parte del paquete de datos recibido co... • http://archer.com • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-34555
https://notcve.org/view.php?id=CVE-2022-34555
28 Jul 2022 — TP-LINK TL-R473G 2.0.1 Build 220529 Rel.65574n was discovered to contain a remote code execution vulnerability which is exploited via a crafted packet. Se ha detectado que TP-LINK TL-R473G versión 2.0.1 Build 220529 Rel.65574n, contiene una vulnerabilidad de ejecución de código remota que es aprovechada por medio de un paquete diseñado • https://github.com/skyedai910/Vuln/tree/master/TL-R473G/command_execution_0 •
CVSS: 9.0EPSS: 2%CPEs: 12EXPL: 0CVE-2022-30024
https://notcve.org/view.php?id=CVE-2022-30024
14 Jul 2022 — A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected. Un desbordamiento de búfer en el demonio httpd en los dispositivos TP-Link TL-WR841N V12 (versión de fi... • http://tl-wr841.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •