CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24973 – TP-Link TL-WR940N httpd ssid1 Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24973
22 Feb 2022 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerabilit... • https://www.zerodayinitiative.com/advisories/ZDI-22-406 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-22922
https://notcve.org/view.php?id=CVE-2022-22922
18 Feb 2022 — TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges. Se ha detectado que el extensor de rango Wi-Fi TP-Link TL-WA850RE versiones anteriores a v6_200923, usaba claves de sesión altamente predecibles y fácilmente detectables, lo que permitía a atacantes alcanzar privilegios administrativos • https://github.com/emremulazimoglu/cve/blob/main/CWE330-TL-WA850RE-v6.md • CWE-330: Use of Insufficiently Random Values •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24354 – TP-Link AC1750 NetUSB Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24354
10 Feb 2022 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 1.1.4 Build 20211022 rel.59103(5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context... • https://www.zerodayinitiative.com/advisories/ZDI-22-264 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24355 – TP-Link TL-WR940N httpd httpRpmFs Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24355
10 Feb 2022 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of file name extensions. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code i... • https://www.zerodayinitiative.com/advisories/ZDI-22-265 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24352 – TP-Link AC1750 NetUSB Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24352
10 Feb 2022 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 211210 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko kernel module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-22-262 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24353 – TP-Link AC1750 NetUSB Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24353
10 Feb 2022 — This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 1.1.4 Build 20211022 rel.59103(5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the root ... • https://www.zerodayinitiative.com/advisories/ZDI-22-263 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-0162 – Vulnerability in TP-LinK TL-WR841N wireless router
https://notcve.org/view.php?id=CVE-2022-0162
09 Feb 2022 — The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface. Se presenta una vulnerabilidad en el router inalámbrico TP-Link TL-WR841N versión V11 3.16.9 Build 160325 Rel.62500n, debid... • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-44864
https://notcve.org/view.php?id=CVE-2021-44864
08 Feb 2022 — TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter. TP-Link WR886N versión 3.0 1.0.1 Build 150127 Rel.34123n es vulnerable a un desbordamiento del búfer. Los atacantes autenticados pueden bloquear los servicios httpd del router por medio de una petición /userRpm/PingIframeRpm.htm que contiene un redundante & en un parámetro • https://github.com/zhlu32/cve/blob/main/tplink/wr886n/Tplink-wr886n-V3-Ping-DOS.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2021-35003 – TP-Link Archer C90 DNS Response Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-35003
17 Jan 2022 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer C90 1.0.6 Build 20200114 rel.73164(5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-22-080 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2021-35004 – TP-Link TL-WA1201 DNS Response Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-35004
17 Jan 2022 — This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link TL-WA1201 1.0.1 Build 20200709 rel.66244(5553) wireless access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-22-081 • CWE-121: Stack-based Buffer Overflow •