CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5244 – TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability
https://notcve.org/view.php?id=CVE-2024-5244
23 May 2024 — TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability. This vulnerability allows network-adjacent attackers to access or spoof DDNS messages on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the cmxddnsd executable. • https://www.zerodayinitiative.com/advisories/ZDI-24-503 • CWE-656: Reliance on Security Through Obscurity •
CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5242 – TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5242
23 May 2024 — TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the handling of DDNS error codes. • https://www.zerodayinitiative.com/advisories/ZDI-24-501 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5227 – TP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5227
23 May 2024 — TP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are only vulnerable if configured to use a PPTP VPN with LDAP authentication. The specific flaw exists within the handling of the username parameter provided to the /usr/bin/pppd endpoint. • https://www.zerodayinitiative.com/advisories/ZDI-24-499 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31340
https://notcve.org/view.php?id=CVE-2024-31340
22 May 2024 — TP-Link Tether versions prior to 4.5.13 and TP-Link Tapo versions prior to 3.3.6 do not properly validate certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack. Las versiones de TP-Link Tether anteriores a 4.5.13 y las versiones de TP-Link Tapo anteriores a 3.3.6 no validan correctamente los certificados, lo que puede permitir que un atacante remoto no autenticado escuche a escondidas una comunicación cifrada a través de un ... • https://jvn.jp/en/jp/JVN29471697 •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49134
https://notcve.org/view.php?id=CVE-2023-49134
09 Apr 2024 — A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP115(V4) 5.0.4 Build 20220216 of the N30... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49133
https://notcve.org/view.php?id=CVE-2023-49133
09 Apr 2024 — A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP225(V3) 5.1.0 Build 20220926 of the AC1... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48724
https://notcve.org/view.php?id=CVE-2023-48724
09 Apr 2024 — A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted HTTP POST request can lead to denial of service of the device's web interface. An attacker can send an unauthenticated HTTP POST request to trigger this vulnerability. Existe una vulnerabilidad de corrupción de memoria en la funcionalidad de la interfaz web del punto de acceso Gigabit MU-MIMO inalámbrico Tp-Link AC1350 (EAP... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49913
https://notcve.org/view.php?id=CVE-2023-49913
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x422448` of the `httpd` binary shipped with v5.0.4 B... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49912
https://notcve.org/view.php?id=CVE-2023-49912
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x4224b0` of the `httpd` binary shipped with v5.0.4 ... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49911
https://notcve.org/view.php?id=CVE-2023-49911
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x422420` of the `httpd` binary shipped with v5.0.4 Bui... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •