CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2018-19528
https://notcve.org/view.php?id=CVE-2018-19528
TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp. Los dispositivos TP-Link TL-WR886N 7.0 1.1.0 permiten a los atacantes remotos provocar una denegación de servicio (excepción de la carga Tib) mediante paquetes DNS manipulados al puerto 53/udp. • https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/dns_request_buff_overflow/README.md • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 3CVE-2018-18428 – TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure
https://notcve.org/view.php?id=CVE-2018-18428
TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI. Los dispositivos TP-Link TL-SC3130 1.6.18P12_121101 permiten el acceso no autenticado al flujo RTSP, tal y como queda demostrado con un URI /jpg/image.jpg. TP-Link TL-SC3130 version 1.6.18 suffers from an unauthenticated and unauthorized live RTSP stream disclosure. • https://www.exploit-db.com/exploits/45632 https://packetstormsecurity.com/files/149843 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5497.php • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-15700
https://notcve.org/view.php?id=CVE-2018-15700
The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to a denial of service when an unauthenticated LAN user sends a crafted HTTP header containing an unexpected Referer field. La interfaz web en TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 es vulnerable a una denegación de servicio (DoS) cuando un usuario LAN autenticado envía una cabecera HTTP que contiene un campo Referer inesperado. • https://www.tenable.com/security/research/tra-2018-27 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-15702
https://notcve.org/view.php?id=CVE-2018-15702
The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to CSRF due to insufficient validation of the referer field. La interfaz web en TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 es vulnerable a Cross-Site Request Forgery (CSRF) debido a una validación insuficiente del campo referer. • https://www.tenable.com/security/research/tra-2018-27 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-15701
https://notcve.org/view.php?id=CVE-2018-15701
The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to a denial of service when an unauthenticated LAN user sends a crafted HTTP header containing an unexpected Cookie field. La interfaz web en TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 es vulnerable a una denegación de servicio (DoS) cuando un usuario LAN autenticado envía una cabecera HTTP que contiene un campo Cookie inesperado. • https://www.tenable.com/security/research/tra-2018-27 • CWE-20: Improper Input Validation •