tp-link

535 tracked vulnerabilities.

CVE-2018-12576 MEDIUM
TP-Link TL-WR841N <v13 - Clickjacking
Jul 02, 2018
CVSS 4.3
EPSS 0.01
CVE-2018-12575 CRITICAL
TP-Link TL-WR841N <v13 - Auth Bypass
Jul 02, 2018
CVSS 9.8
EPSS 0.03
CVE-2018-12574 HIGH
TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n - Cross-Site Request Forgery
Jul 02, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-12694 HIGH
TP-Link TL-WA850RE Hardware Version 5 - Denial of Service via data/reboot.json
Jun 23, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-12693 MEDIUM
TP-Link TL-WA850RE Wi-Fi Range Extender v5 - Buffer Overflow
Jun 23, 2018
CVSS 6.5
EPSS 0.16
CVE-2018-12692 HIGH
TP-Link TL-WA850RE <5 - Command Injection
Jun 23, 2018
CVSS 8.8
EPSS 0.29
CVE-2018-11714 CRITICAL
TP-Link TL-WR840N/TL-WR841N <5 - Info Disclosure
Jun 04, 2018
CVSS 9.8
EPSS 0.37
CVE-2018-11482 CRITICAL
TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, TL-IPC40A-4 < 1.0.21 - Hard-coded Credentials
May 30, 2018
CVSS 9.8
EPSS 0.01
CVE-2018-11481 HIGH
TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, TL-IPC40A-4 <1.0.21 Auth RCE via JSON Injection
May 30, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-10168 HIGH
TP-Link EAP/Omada <2.5.4/2.6.0 - Privilege Escalation
May 03, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-10167 HIGH
TP-Link EAP/Omada Controller <2.6.0 - Privilege Escalation
May 03, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-10166 HIGH
TP-Link EAP/Omada Controller <2.6.0 - CSRF
May 03, 2018
CVSS 8.8
EPSS 0.01
CVE-2018-10165 MEDIUM
TP-Link EAP/Omada Controller <2.6.0 - XSS
May 03, 2018
CVSS 5.4
EPSS 0.01
CVE-2018-10164 MEDIUM
TP-Link EAP/Omada Controller <2.6.0 - XSS
May 03, 2018
CVSS 5.4
EPSS 0.01
CVE-2017-15637 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via pptphellointerval Parameter
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15636 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Remote Command Execution via Webfilter Time Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15635 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via max_conn Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15634 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via wportal.lua Name Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15633 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via new-ipgroup Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15632 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via PPTP Server Configuration
Jan 11, 2018
CVSS 7.2
EPSS 0.03
CVE-2017-15631 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via new-workmode Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15630 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Remote Command Execution via pptp_client.lua new-remotesubnet Parameter
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15629 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via pptp_client.lua new-tunnelname Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15628 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via lcpechointerval Parameter
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15627 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via pptp_client.lua new-pns Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04