CVE-2013-4654
https://notcve.org/view.php?id=CVE-2013-4654
Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND.. Una vulnerabilidad de Salto de Enlace Simbólico en TP-LINK TL-WDR4300 y TL-1043ND. • https://www.ise.io/casestudies/exploiting-soho-routers https://www.ise.io/soho_service_hacks https://www.ise.io/wp-content/uploads/2017/07/soho_techreport.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2013-4848
https://notcve.org/view.php?id=CVE-2013-4848
TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities. TP-Link TL-WDR4300 versión 3.13.31, presenta múltiples vulnerabilidades de tipo CSRF. • https://vuldb.com/?id.10495 https://www.ise.io/casestudies/exploiting-soho-routers https://www.ise.io/soho_service_hacks https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf https://www.securityfocus.com/bid/62884/info • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2019-13653
https://notcve.org/view.php?id=CVE-2019-13653
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5). Los dispositivos TP-Link M7350 versiones hasta 1.0.16 Build 181220 Rel.1116n, permiten una inyección de comandos del Sistema Operativo de triggerPort (problema 5 de 5). • https://pastebin.com/yAxBFe05 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2019-13652
https://notcve.org/view.php?id=CVE-2019-13652
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5). Los dispositivos TP-Link M7350 versiones hasta 1.0.16 Build 181220 Rel.1116n, permiten una inyección de comandos del Sistema Operativo de serviceName (problema 4 de 5). • https://pastebin.com/yAxBFe05 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2019-13651
https://notcve.org/view.php?id=CVE-2019-13651
TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5). Los dispositivos TP-Link M7350 versiones hasta 1.0.16 Build 181220 Rel.1116n, permiten una inyección de comandos del Sistema Operativo de portMappingProtocol (problema 3 de 5). • https://pastebin.com/yAxBFe05 https://www.tp-link.com • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •