CVE-2021-41653
https://notcve.org/view.php?id=CVE-2021-41653
The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field. La función PING en el router TP-Link TL-WR840N EU versión v5 con firmware hasta TL-WR840N(EU)_V5_171211, es vulnerable a una ejecución de código remota por medio de una carga útil diseñada en un campo de entrada de dirección IP • https://github.com/likeww/CVE-2021-41653 http://tp-link.com https://k4m1ll0.com/cve-2021-41653.html https://www.tp-link.com/us/press/security-advisory • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2019-15060
https://notcve.org/view.php?id=CVE-2019-15060
The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field. La función traceroute en el enrutador TP-Link TL-WR840N versión v4 con firmware hasta 0.9.1 3.16, es vulnerable a la ejecución de código remota por medio de una carga útil especialmente diseñada en un campo de entrada de dirección IP. • https://twitter.com/rapt00rvf https://vitor-fernandes.github.io/First-CVE • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2019-12195 – TP-LINK TL-WR840N v5 00000005 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-12195
TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was disconnected. All the users become disconnected from the internet. Los dispositivos TP-Link TL-WR840N v5 00000005 permiten una vulnerabilidad de tipo XSS por medio del parámetro network name. • https://www.exploit-db.com/exploits/46882 http://packetstormsecurity.com/files/153027/TP-LINK-TL-WR840N-Cross-Site-Scripting.html https://www.tp-link.com/us/security • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-15172 – TP-Link WR840N 0.9.1 3.16 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2018-15172
TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header. Los dispositivos TP-Link WR840N tienen un desbordamiento de búfer mediante una cabecera HTTP Authorization grande.. TP-Link Wireless N Router WR840N suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/45203 https://hackingvila.wordpress.com/2018/08/08/tp-link-buffer-overflow-via-a-long-authorization-http-header-cve-2018-15172 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-11714
https://notcve.org/view.php?id=CVE-2018-11714
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action. Se ha descubierto un problema en los dispositivos TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n y TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n. Este problema viene provocado por una gestión incorrecta de sesiones en la carpeta /cgi/ o un archivo /cgi. • http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router https://www.exploit-db.com/exploits/44781 • CWE-384: Session Fixation •