
CVSS: 9.8 | EPSS: 13% | CPEs: 2 | EXPL: 4

On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature. TP-Link TL-WR849N suffers from a remote code execution vulnerability.
• https://www.exploit-db.com/exploits/48155
• http://packetstormsecurity.com/files/156584/TP-Link-TL-WR849N-Remote-Code-Execution.html
• https://fireshellsecurity.team/hack-n-routers
• https://github.com/ElberTavares/routers-exploit/tree/master/tp-link
• CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability.
• https://www.securityfocus.com/bid/59472

CVSS: 7.8 | EPSS: 1% | CPEs: 2 | EXPL: 2

The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request.
• https://www.exploit-db.com/exploits/47958
• https://exploit-db.com/exploits/47958
• CWE-306: Missing Authentication for Critical Function

CVSS: 6.1 | EPSS: 0% | CPEs: 2 | EXPL: 3

TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI. TP-Link TL-WR849N version 0.9.1 4.16 suffers from a firmware upload authentication bypass vulnerability.
• https://www.exploit-db.com/exploits/48152
• http://packetstormsecurity.com/files/156586/TP-Link-TL-WR849N-0.9.1-4.16-Authentication-Bypass.html
• https://fireshellsecurity.team/hack-n-routers
• CWE-306: Missing Authentication for Critical Function

CVSS: 9.3 | EPSS: 2% | CPEs: 2 | EXPL: 0

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user.
• https://www.tp-link.com/us/support/download/tl-wr841n/#Firmware
• https://www.zerodayinitiative.com/advisories/ZDI-19-992
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')