CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25901
https://notcve.org/view.php?id=CVE-2025-25901
13 Feb 2025 — A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11, triggered by the dnsserver1 and dnsserver2 parameters at /userRpm/WanSlaacCfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. Se ha descubierto una vulnerabilidad de desbordamiento de buffer en TP-Link TL-WR841ND V11, causada por los parámetros dnsserver1 y dnsserver2 en /userRpm/WanSlaacCfgRpm.htm. Esta vulnerabilidad permite a los atacantes ocasionar una denegación de servicio (Do... • https://github.com/2664521593/mycve/blob/main/TP-Link/BOF_in_TP-Link_TL-WR841ND-V11_5.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1099 – Information Disclosure Vulnerability in TP-Link Tapo C500 Wi-Fi Camera
https://notcve.org/view.php?id=CVE-2025-1099
10 Feb 2025 — The TP-Link Tapo C500 V1 and V2 are a pan-and-tilt outdoor Wi-Fi security cameras designed for comprehensive surveillance. This vulnerability exists in Tapo C500 Wi-Fi camera due to hard-coded RSA private key embedded within the device firmware. An attacker with physical access could exploit this vulnerability to obtain cryptographic private keys which can then be used to perform impersonation, data decryption and man in the middle attacks on the targeted device. This vulnerability exists in Tapo C500 Wi-Fi... • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0017 • CWE-321: Use of Hard-coded Cryptographic Key •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-57357
https://notcve.org/view.php?id=CVE-2024-57357
07 Feb 2025 — An issue in TPLINK TL-WPA 8630 TL-WPA8630(US)_V2_2.0.4 Build 20230427 allows a remote attacker to execute arbitrary code via function sub_4256CC, which allows command injection by injecting 'devpwd'. • https://github.com/c10uds/tplink-wpa8630-rce-vulnerability • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 1CVE-2025-0730 – TP-Link TL-SG108E HTTP GET Request usr_account_set.cgi get request method with sensitive query strings
https://notcve.org/view.php?id=CVE-2025-0730
27 Jan 2025 — A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usr_account_set.cgi of the component HTTP GET Request Handler. The manipulation of the argument username/password leads to use of get request method with sensitive query strings. It is possible to launch the attack remotely. The complexity of an attack is rather high. • https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/tp-link%20sensitive%20info%20in%20GET.md • CWE-598: Use of GET Request Method With Sensitive Query Strings •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0729 – TP-Link TL-SG108E clickjacking
https://notcve.org/view.php?id=CVE-2025-0729
27 Jan 2025 — A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to clickjacking. The attack may be initiated remotely. • https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/tp-link%20clickjacking.md • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54887
https://notcve.org/view.php?id=CVE-2024-54887
09 Jan 2025 — TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user. • http://tp-link.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46340
https://notcve.org/view.php?id=CVE-2024-46340
10 Dec 2024 — TP-Link TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to transmit user credentials in plaintext after executing a factory reset. TL-WR845N(UN)_V4_201214, TP-Link TL-WR845N(UN)_V4_200909, and TL-WR845N(UN)_V4_190219 was discovered to transmit user credentials in plaintext after executing a factory reset. • https://security.iiita.ac.in/iot/factory-reset.docx • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46341
https://notcve.org/view.php?id=CVE-2024-46341
10 Dec 2024 — TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack. • https://security.iiita.ac.in/iot/base64-authorization.docx • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54127 – Exposure of Wi-Fi Credentials in Plaintext in TP-Link Archer C50
https://notcve.org/view.php?id=CVE-2024-54127
05 Dec 2024 — This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could allow the attacker to obtain Wi-Fi credentials of the targeted system. • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0354 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54126 – Insufficient Integrity Verification Vulnerability in TP-Link Archer C50
https://notcve.org/view.php?id=CVE-2024-54126
05 Dec 2024 — This vulnerability exists in the TP-Link Archer C50 due to improper signature verification mechanism in the firmware upgrade process at its web interface. An attacker with administrative privileges within the router’s Wi-Fi range could exploit this vulnerability by uploading and executing malicious firmware which could lead to complete compromise of the targeted device. • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0354 • CWE-347: Improper Verification of Cryptographic Signature CWE-494: Download of Code Without Integrity Check •