CVE-2023-39747
https://notcve.org/view.php?id=CVE-2023-39747
TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/17/TP-Link%20WR841N%20wireless%20router%20WlanSecurityRpm%20Stack%20Overflow%20vulnerability.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2023-39745
https://notcve.org/view.php?id=CVE-2023-39745
TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/16/TP-Link%20WR940N%20WR941ND%20WR841N%20wireless%20router%20userRpmAccessCtrlAccessRulesRpm%20buffer%20read%20out-of-bounds%20vulnerability.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2022-46435
https://notcve.org/view.php?id=CVE-2022-46435
An issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 up to 3.12.8 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image. Un problema en el proceso de actualización de firmware de TP-Link TL-WR941ND V2/V3 hasta 3.13.9 y TL-WR941ND V4 hasta 3.12.8 permite a atacantes ejecutar código arbitrario o provocar una Denegación de Servicio (DoS) mediante la carga de un Imagen de firmware manipulada. • https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/SyvnlO9Pi https://www.tp-link.com/us/press/security-advisory •