CVE-2021-3125
https://notcve.org/view.php?id=CVE-2021-3125
In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL-XDR6060 Turbo < 1.1.8, TL-XDR5430 < 1.0.11, and possibly others, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set. • https://service.tp-link.com.cn/detail_download_8719.html https://service.tp-link.com.cn/detail_download_8720.html https://service.tp-link.com.cn/detail_download_8722.html https://service.tp-link.com.cn/detail_download_8723.html https://service.tp-link.com.cn/detail_download_8724.html https://service.tp-link.com.cn/detail_download_8725.html • CWE-834: Excessive Iteration •
CVE-2021-3275 – TP-Link Cross Site Scripting
https://notcve.org/view.php?id=CVE-2021-3275
Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices through the improper validation of the hostname. Some of the pages, including dhcp.htm, networkMap.htm, dhcpClient.htm, qsEdit.htm, and qsReview.htm, use this vulnerable hostname function (setDefaultHostname()) without sanitization. Multiple TP-Link devices suffer from an unauthenticated persistent cross site scripting vulnerability. • http://packetstormsecurity.com/files/161989/TP-Link-Cross-Site-Scripting.html https://github.com/smriti548/CVE/blob/main/CVE-2021-3275 https://seclists.org/fulldisclosure/2021/Mar/67 https://www.tp-link.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-27246 – TP-Link AC1750 sync-server Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-27246
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 1.0.15 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of MAC addresses by the tdpServer endpoint. A crafted TCP message can write stack pointers to the stack. An attacker can leverage this vulnerability to execute code in the context of the root user. • https://www.zerodayinitiative.com/advisories/ZDI-21-215 • CWE-121: Stack-based Buffer Overflow •
CVE-2021-27245 – TP-Link Archer A7 Protection Mechanism Failure Firewall Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-27245
This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 prior to Archer C7(US)_V5_210125 and Archer A7(US)_V5_200220 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue results from the lack of proper filtering of IPv6 SSH connections. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-21-214 • CWE-693: Protection Mechanism Failure •
CVE-2021-27209
https://notcve.org/view.php?id=CVE-2021-27209
In the management interface on TP-Link Archer C5v 1.7_181221 devices, credentials are sent in a base64 format over cleartext HTTP. • https://gokay.org/tp-link-archer-c5v-base64-cookie • CWE-319: Cleartext Transmission of Sensitive Information •