CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 1CVE-2021-27209
https://notcve.org/view.php?id=CVE-2021-27209
13 Feb 2021 — In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a base64 format over cleartext HTTP. En la interfaz de administración de los dispositivos TP-Link Archer C5v versión 1.7_181221, unas credenciales son enviadas en formato base64 por medio de HTTP de texto sin cifrar • https://gokay.org/tp-link-archer-c5v-base64-cookie • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-27210
https://notcve.org/view.php?id=CVE-2021-27210
13 Feb 2021 — TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials via [USER_CFG#0,0,0,0,0,0#0,0,0,0,0,0]0,0 to the /cgi?1&5 URI. Los dispositivos TP-Link Archer C5v versión 1.7_181221, permiten a atacantes remotos recuperar credenciales de texto sin cifrar por medio de [USER_CFG#0,0,0,0,0,0 # 0,0,0,0,0,0] 0,0 al URI /cgi?1&5 • https://gokay.org/tp-links-archer-c5v-improper-authorization • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 9.0EPSS: 3%CPEs: 2EXPL: 1CVE-2020-35576 – TP-Link TL-WR841N - Command Injection
https://notcve.org/view.php?id=CVE-2020-35576
25 Jan 2021 — A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577. Un problema de Inyección de Comando en la funcionalidad traceroute en TP-Link TL-WR841N V13 (JP) con versiones de firmware anteriores a 201216, permite a usuarios autenticados ejecutar código arbitrario como root por medio de metacaracteres de shell, una vu... • https://www.exploit-db.com/exploits/50058 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 24%CPEs: 2EXPL: 2CVE-2020-36178
https://notcve.org/view.php?id=CVE-2020-36178
06 Jan 2021 — oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not the only function that calls util_execSystem. oal_ipt_addBridgeIsolationRules en dispositivos TP-Link TL-WR840N versión 6_EU_0.9.1_4.16, permite una inyección de comandos del Sistema Operativo porque una cadena si... • https://github.com/therealunicornsecurity/therealunicornsecurity.github.io/blob/master/_posts/2020-10-11-TPLink.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 14%CPEs: 54EXPL: 3CVE-2020-35575 – TP-Link TL-WR841N Command Injection
https://notcve.org/view.php?id=CVE-2020-35575
26 Dec 2020 — A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices. Un problema de divulgación de contraseña en la interfaz web... • https://packetstorm.news/files/id/163274 •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2020-5797
https://notcve.org/view.php?id=CVE-2020-5797
21 Nov 2020 — UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a limited set of files after plugging a crafted USB drive into the router. Un Seguimiento Enlace Simbólico de UNIX (Symlink) en TP-Link Archer versiones de firmware C9(EE. UU.) _V1_180125, permite a un actor no autenticado, con acceso físico y acceso de red, leer archivos confidenciales y escribir en un conjunto limi... • https://www.tenable.com/security/research/tra-2020-60 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.8EPSS: 0%CPEs: 32EXPL: 0CVE-2020-28877
https://notcve.org/view.php?id=CVE-2020-28877
20 Nov 2020 — Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N. Un desbordamiento del búfer en la función copy_msg_element para el servidor devDiscoverHandle en las series TP-Link WR y WDR, incluyendo WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N... • https://exchange.xforce.ibmcloud.com/vulnerabilities/192112 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 1CVE-2020-24297
https://notcve.org/view.php?id=CVE-2020-24297
18 Nov 2020 — httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Fixed version: TL-WPA4220(EU)_V4_201023 httpd en dispositivos TP-Link TL-WPA4220 (versiones 2 hasta 4) permite a usuarios autenticados remotos ejecutar comandos arbitrarios del Sistema Operativo mediante el envío de peticiones POST diseñadas al endpoint /admin/powerline. Versión corregida: TL-WPA4220 (EU) _V4_201... • https://the-hyperbolic.com/posts/vulnerabilities-in-tlwpa4220 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2020-28005
https://notcve.org/view.php?id=CVE-2020-28005
18 Nov 2020 — httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023 httpd en dispositivos TP-Link TL-WPA4220 (versiones de hardware 2 hasta 4), permite a unos usuarios autenticados remotos desencadenar un desbordamiento del búfer (causando una denegación de servicio) mediante el envío de una petición POST hacia el endpoi... • https://the-hyperbolic.com/posts/vulnerabilities-in-tlwpa4220 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 7%CPEs: 2EXPL: 5CVE-2020-28347
https://notcve.org/view.php?id=CVE-2020-28347
08 Nov 2020 — tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-2020-10882 in which shell quotes are mishandled. tdpServer en dispositivos TP-Link Archer A7 AC1750 versiones anteriores a 201029, permite a atacantes remotos ejecutar código arbitrario mediante el parámetro slave_mac. NOTA: este problema se presenta debido a una corrección incompleta para el CVE-2020-10882 en ... • https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2019/lao_bomb/lao_bomb.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •