CVE-2022-22922
https://notcve.org/view.php?id=CVE-2022-22922
TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges. Se ha detectado que el extensor de rango Wi-Fi TP-Link TL-WA850RE versiones anteriores a v6_200923, usaba claves de sesión altamente predecibles y fácilmente detectables, lo que permitía a atacantes alcanzar privilegios administrativos • https://github.com/emremulazimoglu/cve/blob/main/CWE330-TL-WA850RE-v6.md https://www.tp-link.com/us/support/download/tl-wa850re/v6/#Firmware • CWE-330: Use of Insufficiently Random Values •
CVE-2018-12693
https://notcve.org/view.php?id=CVE-2018-12693
Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to cause a denial of service (outage) via a long type parameter to /data/syslog.filter.json. Desbordamiento de búfer basado en pila en TP-Link TL-WA850RE Wi-Fi Range Extender con el hardware en su versión 5 permite que usuarios autenticados remotos provoquen una denegación de servicio (DoS) mediante un parámetro type largo en /data/syslog.filter.json. • https://medium.com/advisability/the-in-security-of-the-tp-link-technologies-tl-wa850re-wi-fi-range-extender-26db87a7a0cc • CWE-787: Out-of-bounds Write •
CVE-2018-12694
https://notcve.org/view.php?id=CVE-2018-12694
TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote attackers to cause a denial of service (reboot) via data/reboot.json. TP-Link TL-WA850RE Wi-Fi Range Extender con el hardware en su versión 5 permite que atacantes remotos provoquen una denegación de servicio (reinicio) mediante data/reboot.json. • https://medium.com/advisability/the-in-security-of-the-tp-link-technologies-tl-wa850re-wi-fi-range-extender-26db87a7a0cc • CWE-20: Improper Input Validation •
CVE-2018-12692
https://notcve.org/view.php?id=CVE-2018-12692
TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the wps_setup_pin parameter to /data/wps.setup.json. TP-Link TL-WA850RE Wi-Fi Range Extender con hardware en su versión 5 permite que usuarios autenticados remotos ejecuten comandos arbitrarios mediante metacaracteres shell en el parámetro wps_setup_pin en /data/wps.setup.json. • https://medium.com/advisability/the-in-security-of-the-tp-link-technologies-tl-wa850re-wi-fi-range-extender-26db87a7a0cc https://www.exploit-db.com/exploits/44912 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •