CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49910
https://notcve.org/view.php?id=CVE-2023-49910
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x42247c` of the `httpd` binary shipped with v5.0.4 Bui... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49909
https://notcve.org/view.php?id=CVE-2023-49909
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x0045ab38` of the `httpd_portal` binary shipped with... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49908
https://notcve.org/view.php?id=CVE-2023-49908
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x0045abc8` of the `httpd_portal` binary shipped wit... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49907
https://notcve.org/view.php?id=CVE-2023-49907
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x0045aad8` of the `httpd_portal` binary shipped with v... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49906
https://notcve.org/view.php?id=CVE-2023-49906
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x0045ab7c` of the `httpd_portal` binary shipped with v... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25139
https://notcve.org/view.php?id=CVE-2024-25139
14 Mar 2024 — In TP-Link Omada er605 1.0.1 through (v2.6) 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary that runs at the root level. This is fixed in ER605(UN)_v2_2.2.4 Build 020240119. En TP-Link Omada er605 1.0.1 a (v2.6) 2.2.3, un binario cloud-brd es susceptible a un desbordamiento de almacenamiento dinámico que conduce a un desbordamiento del búfer de almacen... • https://github.com/microsoft/Microsoft-TP-Link-Research-Team • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 2CVE-2023-43318 – TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-43318
04 Mar 2024 — TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests. TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 permite a los atacantes escalar privilegios mediante la modificación de los valores 'tid' y 'usrlvl' en las solicitudes GET. TP-Link JetStream Smart Switch TL-SG2210P version 5.0 build 20211201 suffers from a privilege escalation vulnerability. • https://packetstorm.news/files/id/177411 • CWE-284: Improper Access Control •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 2CVE-2023-43482
https://notcve.org/view.php?id=CVE-2023-43482
06 Feb 2024 — A command execution vulnerability exists in the guest resource functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. Existe una vulnerabilidad de ejecución de comandos en la funcionalidad de recursos invitados de Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. Una solicitud HTTP especialmente man... • https://github.com/Mr-xn/CVE-2023-43482 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 1CVE-2023-36498
https://notcve.org/view.php?id=CVE-2023-36498
06 Feb 2024 — A post-authentication command injection vulnerability exists in the PPTP client functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability and gain access to an unrestricted shell. Existe una vulnerabilidad de inyección de comando posterior a la autenticación en la funcionalidad del cliente PPTP de Tp-Link ER7206 Omada Gigabi... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1853 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 1CVE-2023-47209
https://notcve.org/view.php?id=CVE-2023-47209
06 Feb 2024 — A post authentication command injection vulnerability exists in the ipsec policy functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.70591. A specially crafted HTTP request can lead to arbitrary command injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. Existe una vulnerabilidad de inyección de comando posterior a la autenticación en la funcionalidad de política ipsec de Tp-Link ER7206 Omada Gigabit VPN Router 1.3.0 build 20230322 Rel.7... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1854 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •