CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49134
https://notcve.org/view.php?id=CVE-2023-49134
09 Apr 2024 — A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP115(V4) 5.0.4 Build 20220216 of the N30... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49133
https://notcve.org/view.php?id=CVE-2023-49133
09 Apr 2024 — A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP225(V3) 5.1.0 Build 20220926 of the AC1... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-48724
https://notcve.org/view.php?id=CVE-2023-48724
09 Apr 2024 — A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted HTTP POST request can lead to denial of service of the device's web interface. An attacker can send an unauthenticated HTTP POST request to trigger this vulnerability. Existe una vulnerabilidad de corrupción de memoria en la funcionalidad de la interfaz web del punto de acceso Gigabit MU-MIMO inalámbrico Tp-Link AC1350 (EAP... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49913
https://notcve.org/view.php?id=CVE-2023-49913
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x422448` of the `httpd` binary shipped with v5.0.4 B... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49912
https://notcve.org/view.php?id=CVE-2023-49912
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x4224b0` of the `httpd` binary shipped with v5.0.4 ... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49911
https://notcve.org/view.php?id=CVE-2023-49911
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x422420` of the `httpd` binary shipped with v5.0.4 Bui... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49910
https://notcve.org/view.php?id=CVE-2023-49910
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x42247c` of the `httpd` binary shipped with v5.0.4 Bui... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49909
https://notcve.org/view.php?id=CVE-2023-49909
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x0045ab38` of the `httpd_portal` binary shipped with... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49908
https://notcve.org/view.php?id=CVE-2023-49908
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x0045abc8` of the `httpd_portal` binary shipped wit... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-49907
https://notcve.org/view.php?id=CVE-2023-49907
09 Apr 2024 — A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x0045aad8` of the `httpd_portal` binary shipped with v... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888 • CWE-121: Stack-based Buffer Overflow •