tp-link

523 tracked vulnerabilities.

CVE-2026-5039 HIGH
Predictable Default Cryptographic Key Used for DES Encryption in TP-Link TL-WL841N
Apr 23, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-5363 HIGH
Use of weak cryptographic key in TP-Link Archer C7
Apr 16, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-30818 HIGH
OS Command Injection Vulnerability in dnsmasq Module in TP-Link AX53
Apr 08, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-30817 MEDIUM
Arbitrary File Reading Vulnerability in dnsmasq Module in TP-Link AX53
Apr 08, 2026
CVSS 5.7
EPSS 0.00
CVE-2026-30816 MEDIUM
Arbitrary File Reading Vulnerability in OpenVPN Module in TP-Link AX53
Apr 08, 2026
CVSS 5.7
EPSS 0.00
CVE-2026-30815 HIGH
OS Command Injection Vulnerability in OpenVPN Module in TP-Link AX53
Apr 08, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-30814 HIGH
Buffer Overflow Vulnerability in TP-Link AX53
Apr 08, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-34124 MEDIUM
Denial of Service via Path Expansion Overflow in HTTP Service in TP-Link Tapo C520WS
Apr 02, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-34122 MEDIUM
Stack-based Buffer Overflow Leading to Denial of Service in TP-Link Tapo C520WS
Apr 02, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-34121 HIGH
Authentication Bypass in DS Configuration Service via HTTP Request Parsing Differential of TP-Link Tapo C520WS
Apr 02, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-34120 MEDIUM
Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS
Apr 02, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-34119 MEDIUM
Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS
Apr 02, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-34118 MEDIUM
Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS
Apr 02, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-4346 MEDIUM
Cleartext Storage of Administrative and Wi-Fi Credentials via Accessible Serial Interface in TP Link's TL-WR850N
Mar 26, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-3622 HIGH
Denial-of-Service Vulnerability in UPnP Component of TP Link's TL-WR841N
Mar 26, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-3227 MEDIUM
Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N
Mar 16, 2026
CVSS 6.8
EPSS 0.00
CVE-2026-1668 CRITICAL
TP-Link Omada Switches - Web Interface Memory Corruption Code Execution
Mar 13, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-3841 HIGH
TP-Link TL-MR6400 v5.3 - Command Injection
Mar 12, 2026
CVSS 8.8
EPSS 0.01
CVE-2026-0655 HIGH
TP-Link Deco BE25 v1.0 - Path Traversal
Mar 02, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-0654 HIGH
TP-Link Deco BE25 v1.0-1.1.1 - Command Injection
Mar 02, 2026
CVSS 8.0
EPSS 0.00
CVE-2026-1571 MEDIUM
TP-Link Archer C60 v3 < 260206 - Reflected Cross-Site Scripting via Crafted URL
Feb 11, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-0653 MEDIUM
TP-Link Tapo C260 v1 < 1.1.9 and D235 v1 < 1.2.2 - Authenticated Improper Access Control via Synchronization Endpoint
Feb 10, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-0652 HIGH
TP-Link Tapo C260 Firmware < 1.1.9 - Authenticated OS Command Injection via Configuration Synchronization
Feb 10, 2026
CVSS 8.8
EPSS 0.00
CVE-2026-0651 HIGH
TP-Link Tapo C260 v1, D235 v1, C520WS v2.6 - Path Traversal via URL-Encoded GET Requests
Feb 10, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-22228 MEDIUM
TP-Link Archer BE230 < 1.2.4 - Authenticated Denial of Service via Crafted Configuration File
Feb 03, 2026
CVSS 4.9
EPSS 0.00
Products
tl-wr886n_firmware 39 tl-wr841n_firmware 38 er5110g_firmware 25 er5120g_firmware 25 er5510g_firmware 25 er5520g_firmware 25 r4149g_firmware 25 r4239g_firmware 25 r4299g_firmware 25 r473_firmware 25 r473g_firmware 25 r473gp-ac_firmware 25 r473p-ac_firmware 25 r478\+_firmware 25 r478_firmware 25 r478g\+_firmware 25 r483_firmware 25 r483g_firmware 25 r488_firmware 25 war1300l_firmware 25 war1750l_firmware 25 war2600l_firmware 25 war302_firmware 25 war450_firmware 25 war450l_firmware 25 war458_firmware 25 war458l_firmware 25 war900l_firmware 25 wvr1300g_firmware 25 wvr1300l_firmware 25
Quick Filters
Critical CVEs With Exploits In CISA KEV