CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27346 – TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27346
31 Mar 2023 — TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of firmware images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. • https://www.zerodayinitiative.com/advisories/ZDI-23-377 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-14099
https://notcve.org/view.php?id=CVE-2020-14099
08 Apr 2021 — On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption scheme for a user's backup files uses hard-coded keys, which can expose sensitive information such as a user's password. En el enrutador Xiaomi AX1800 rom versión anterior a 1.0.336 y RM1800 root versión anterior a 1.0.26, el esquema de cifrado para los archivos de respaldo de un usuario utiliza claves embebidas, que pueden exponer información confidencial como la contraseña de un usuario • https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=25&locale=zh • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.0EPSS: 1%CPEs: 4EXPL: 0CVE-2020-14102
https://notcve.org/view.php?id=CVE-2020-14102
13 Jan 2021 — There is command injection when ddns processes the hostname, which causes the administrator user to obtain the root privilege of the router. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26. Se presenta una inyección de comando cuando ddns procesa el nombre de host, lo que causa al usuario administrador alcanzar privilegio de root del enrutador. Esto afecta al enrutador Xiaomi AX1800rom versión anterior a 1.0.336 y el enrutador Xiaomi RM1800 root vers... • https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=23&locale=en • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-14098
https://notcve.org/view.php?id=CVE-2020-14098
13 Jan 2021 — The login verification can be bypassed by using the problem that the time is not synchronized after the router restarts. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26. La comprobación de inicio de sesión puede ser omitida usando el problema de que la hora no se sincroniza después de que se reinicia el enrutador. Esto afecta al enrutador Xiaomi AX1800rom versiones anteriores a 1.0.336 y al enrutador Xiaomi RM1800 root versiones anteriores a 1.0.26 • https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=22&locale=en • CWE-662: Improper Synchronization •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-14101
https://notcve.org/view.php?id=CVE-2020-14101
13 Jan 2021 — The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version < 1.0.336 and Xiaomi route RM1800 root version < 1.0.26. La compilación de datos SDK de la interfaz de administración web del enrutador causó el filtrado del token. Esto afecta al enrutador Xiaomi AX1800rom versiones anteriores a 1.0.336 y enrutador XiaomiRM1800 root versiones anteriores a 1.0.26 • https://privacy.mi.com/trust#/security/vulnerability-management/vulnerability-announcement/detail?id=24&locale=en •