Page 54 of 351 results (0.010 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hosts_info para sun. Se ha descubierto un problema en dispositivos TP-Link TL-WR886N 6.0 2.3.4 y TL-WR886N 7.0 1.1.0. Los atacantes autenticados pueden provocar el cierre inesperado de los servicios del router (p.ej., inetd, HTTP, DNS y UPnP) mediante datos JSON largos para hosts_info para sun. • https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_07/README.md •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1

TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header. Los dispositivos TP-Link WR840N tienen un desbordamiento de búfer mediante una cabecera HTTP Authorization grande.. TP-Link Wireless N Router WR840N suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/45203 https://hackingvila.wordpress.com/2018/08/08/tp-link-buffer-overflow-via-a-long-authorization-http-header-cve-2018-15172 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 2

TP-Link WR840N devices allow remote attackers to cause a denial of service (connectivity loss) via a series of packets with random MAC addresses. Los dispositivos TP-Link WR840N permiten que atacantes remotos provoquen una denegación de servicio (pérdida de conectividad) mediante una serie de paquetes con direcciones MAC aleatorias. • https://www.exploit-db.com/exploits/45064 https://hackingvila.wordpress.com/2018/07/17/cve-2018-14336-tp-link-wireless-n-router-wr840n-vulnerability • CWE-20: Improper Input Validation •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1

TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have XSS via the PATH_INFO to the /webpages/data URI. Los dispositivos TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU tienen Cross-Site Scripting (XSS) mediante PATH_INFO en el URI /webpages/data. TP-Link Archer C1200 suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/45970 https://www.xc0re.net/2018/05/25/tp-link-wireless-router-archer-c1200-cross-site-scripting • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking. Los dispositivos TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n permiten el secuestro de clicks. • https://software-talk.org/blog/2018/04/tplink-wr841n-clickjacking-https • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •