tp-link

535 tracked vulnerabilities.

CVE-2017-15626 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via pptp_server.lua new-bindif Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15625 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via pptp_client.lua new-olmode Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15624 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via pptp_server.lua new-authtype Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15623 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via pptp_server.lua new-enable Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15622 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via pptp_client.lua new-mppeencryption Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.03
CVE-2017-15621 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via olmode Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15620 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via ipmac_import.lua new-zone Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15619 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via pptphellointerval Parameter
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15618 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated OS Command Injection via pptp_client.lua new-enable Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15617 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via iface Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15616 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via phddns.lua new-interface Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15615 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated OS Command Injection via pptp_client.lua lcpechointerval
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15614 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via pptp_client.lua new-outif Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-15613 HIGH
TP-Link WVR WAR and ER Firmware - Authenticated Command Injection via cmxddns.lua new-interface Variable
Jan 11, 2018
CVSS 7.2
EPSS 0.04
CVE-2017-17747 MEDIUM
TP-Link TL-SG108E v1.0.0 - Unauthenticated Denial of Service via Device Logout Functionality
Dec 20, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-17746 MEDIUM
TP-Link TL-SG108E Firmware 1.0.0 - Missing Authentication for Critical Function via NAT Gateway IP
Dec 20, 2017
CVSS 6.8
EPSS 0.02
CVE-2017-17745 MEDIUM
TP-Link TL-SG108E 1.0.0 - Authenticated Cross-Site Scripting via sysName Parameter
Dec 20, 2017
CVSS 5.4
EPSS 0.01
CVE-2017-17758 HIGH
TP-Link TL-WVR and TL-WAR Firmware - Authenticated Remote Code Execution via Dhcps Interface Field
Dec 19, 2017
CVSS 8.8
EPSS 0.03
CVE-2017-17757 HIGH
TP-Link TL-WVR and TL-WAR Firmware - Authenticated Remote Code Execution via Interface Field
Dec 19, 2017
CVSS 8.8
EPSS 0.03
CVE-2017-16960 HIGH
TP-Link TL-WVR/TL-WAR/TL-ER/TL-R - Command Injection
Nov 27, 2017
CVSS 8.8
EPSS 0.02
CVE-2017-16959 MEDIUM
TP-Link TL-WVR/TL-WAR/TL-ER/TL-R - Info Disclosure
Nov 27, 2017
CVSS 6.5
EPSS 0.02
CVE-2017-16958 HIGH
TP-Link TL-WVR,TL-WAR,TL-ER,TL-R - Command Injection
Nov 27, 2017
CVSS 8.8
EPSS 0.03
CVE-2017-16957 HIGH
TP-Link TL-WVR/TL-WAR/TL-ER/TL-R - Command Injection
Nov 27, 2017
CVSS 8.8
EPSS 0.06
CVE-2017-13772 HIGH
TP-Link WR940N Hardware v4 - Authenticated Remote Code Execution via PingIframeRpm.htm or WanStaticIpV6CfgRpm.htm
Oct 23, 2017
CVSS 8.8
EPSS 0.53
CVE-2017-15291 MEDIUM
TP-LINK TL-MR3220 Firmware - Stored Cross-Site Scripting via Wireless MAC Filtering Description Field
Oct 20, 2017
CVSS 6.1
EPSS 0.02