CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 1CVE-2021-37774
https://notcve.org/view.php?id=CVE-2021-37774
An issue was discovered in function httpProcDataSrv in TL-WDR7660 2.0.30 that allows attackers to execute arbitrary code. Se descubrió un problema en la función httpProcDataSrv en TL-WDR7660 2.0.30 que permite a los atacantes ejecutar código arbitrario. • https://github.com/fishykz/TP-POC •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22303
https://notcve.org/view.php?id=CVE-2023-22303
TP-Link SG105PE firmware prior to 'TL-SG105PE(UN) 1.0_1.0.0 Build 20221208' contains an authentication bypass vulnerability. Under the certain conditions, an attacker may impersonate an administrator of the product. As a result, information may be obtained and/or the product's settings may be altered with the privilege of the administrator. El firmware TP-Link SG105PE anterior a 'TL-SG105PE(UN) 1.0_1.0.0 Build 20221208' contiene una vulnerabilidad de omisión de autenticación. Bajo determinadas condiciones, un atacante puede hacerse pasar por un administrador del producto. • https://jvn.jp/en/jp/JVN78481846/index.html https://www.tp-link.com/en/business-networking/easy-smart-switch/tl-sg105pe https://www.tp-link.com/jp/support/download/tl-sg105pe/v1/#Firmware • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-4498 – A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.
https://notcve.org/view.php?id=CVE-2022-4498
In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution. • https://kb.cert.org/vuls/id/572615 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-4499 – The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.
https://notcve.org/view.php?id=CVE-2022-4499
TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password. • https://kb.cert.org/vuls/id/572615 • CWE-203: Observable Discrepancy •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 2CVE-2022-48194 – TP-Link TL-WR902AC firmware 210730 (V3) - Remote Code Execution (RCE) (Authenticated)
https://notcve.org/view.php?id=CVE-2022-48194
TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate. Los dispositivos TP-Link TL-WR902AC hasta V3 0.9.1 permiten a atacantes remotos autenticados ejecutar código arbitrario o provocar una Denegación de Servicio (DoS) cargando una actualización de firmware manipulada porque la verificación de firma es inadecuada. TP-Link TL-WR902AC with firmware version 210730 (V3) suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/51192 http://packetstormsecurity.com/files/171623/TP-Link-TL-WR902AC-Remote-Code-Execution.html https://github.com/otsmr/internet-of-vulnerable-things/tree/main/exploits • CWE-434: Unrestricted Upload of File with Dangerous Type •