
CVE-2024-4224 – TP-Link TL-SG1016DE XSS
https://notcve.org/view.php?id=CVE-2024-4224
15 Jul 2024 — An authenticated stored cross-site scripting (XSS) vulnerability exists in the TP-Link TL-SG1016DE affecting version TL-SG1016DE(UN) V7.6_1.0.0 Build 20230616, which could allow an adversary to run JavaScript in an administrator's browser. This issue was fixed in TL-SG1016DE(UN) V7_1.0.1 Build 20240628. • https://takeonme.org/cves/CVE-2024-4224.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-38471
https://notcve.org/view.php?id=CVE-2024-38471
04 Jul 2024 — Multiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by restoring a crafted backup file. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi. • https://jvn.jp/en/vu/JVNVU99784493 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2024-21827
https://notcve.org/view.php?id=CVE-2024-21827
25 Jun 2024 — A leftover debug code vulnerability exists in the cli_server debug functionality of TP-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1947 • CWE-489: Active Debug Code •

CVE-2024-37661
https://notcve.org/view.php?id=CVE-2024-37661
17 Jun 2024 — TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages. • https://github.com/ouuan/router-vuln-report/blob/master/icmp-redirect/tl-7dr5130-redirect.md • CWE-940: Improper Verification of Source of a Communication Channel •

CVE-2024-37662
https://notcve.org/view.php?id=CVE-2024-37662
17 Jun 2024 — TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router. • https://github.com/ouuan/router-vuln-report/blob/master/nat-rst/tl-7dr5130-nat-rst.md • CWE-940: Improper Verification of Source of a Communication Channel •

CVE-2024-5035 – TP-Link Archer C5400X - RFTest Unauthenticated Command Injection
https://notcve.org/view.php?id=CVE-2024-5035
27 May 2024 — The affected device exposes a network service called "rftest" that is vulnerable to unauthenticated command injection on ports TCP/8888, TCP/8889, and TCP/8890. By successfully exploiting this flaw, a remote unauthenticated attacker can gain arbitrary command execution on the device with elevated privileges. This issue affects Archer C4500X: through 1_1.1.6. • https://onekey.com/blog/security-advisory-remote-command-execution-on-tp-link-archer-c5400x • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVE-2024-5227 – TP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5227
23 May 2024 — TP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are only vulnerable if configured to use a PPTP VPN with LDAP authentication. The specific flaw exists within the handling of the username parameter provided to the /usr/bin/pppd endpoint. • https://www.zerodayinitiative.com/advisories/ZDI-24-499 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2024-5228 – TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5228
23 May 2024 — TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the handling of DNS responses. • https://www.zerodayinitiative.com/advisories/ZDI-24-500 • CWE-122: Heap-based Buffer Overflow •

CVE-2024-5242 – TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5242
23 May 2024 — TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the handling of DDNS error codes. • https://www.zerodayinitiative.com/advisories/ZDI-24-501 • CWE-121: Stack-based Buffer Overflow •

CVE-2024-5243 – TP-Link Omada ER605 Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5243
23 May 2024 — TP-Link Omada ER605 Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the handling of DNS names. • https://www.zerodayinitiative.com/advisories/ZDI-24-502 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •