Filtered by vendor Tp-link Subscriptions
Total 371 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-9350 1 Tp-link 2 Tl-wr740n, Tl-wr740n Firmware 2024-11-21 N/A
TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm.
CVE-2014-4728 1 Tp-link 2 Tl-wdr4300, Tl-wdr4300 Firmware 2024-11-21 N/A
The web server in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware before 140916 allows remote attackers to cause a denial of service (crash) via a long header in a GET request.
CVE-2014-4727 1 Tp-link 2 Tl-wdr4300, Tl-wdr4300 Firmware 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the DHCP clients page in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware before 140916 allows remote attackers to inject arbitrary web script or HTML via the hostname in a DHCP request.
CVE-2013-6786 6 Allegrosoft, Dlink, Huawei and 3 more 7 Rompager, Dsl-2640r, Dsl-2641r and 4 more 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Allegro RomPager before 4.51, as used on the ZyXEL P660HW-D1, Huawei MT882, Sitecom WL-174, TP-LINK TD-8816, and D-Link DSL-2640R and DSL-2641R, when the "forbidden author header" protection mechanism is bypassed, allows remote attackers to inject arbitrary web script or HTML by requesting a nonexistent URI in conjunction with a crafted HTTP Referer header that is not properly handled in a 404 page. NOTE: there is no CVE for a "URL redirection" issue that some sources list separately.
CVE-2013-4848 1 Tp-link 2 Tl-wdr4300, Tl-wdr4300 Firmware 2024-11-21 8.8 High
TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities.
CVE-2013-4654 1 Tp-link 4 Tl-1043nd, Tl-1043nd Firmware, Tl-wdr4300 and 1 more 2024-11-21 9.8 Critical
Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND..
CVE-2013-3688 1 Tp-link 5 Lm Firmware, Tl-sc3130, Tl-sc3130g and 2 more 2024-11-21 N/A
The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6, does not properly restrict access to certain administrative functions, which allows remote attackers to (1) cause a denial of service (device reboot) via a request to cgi-bin/reboot or (2) cause a denial of service (reboot and reset to factory defaults) via a request to cgi-bin/hardfactorydefault.
CVE-2013-2646 1 Tp-link 2 Tl-wr1043nd, Tl-wr1043nd Firmware 2024-11-21 7.5 High
TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability.
CVE-2013-2645 1 Tp-link 1 Firmware 2024-11-21 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for requests that (1) enable FTP access (aka "FTP directory traversal") to /tmp via the shareEntire parameter to userRpm/NasFtpCfgRpm.htm, (2) change the FTP administrative password via the nas_admin_pwd parameter to userRpm/NasUserAdvRpm.htm, (3) enable FTP on the WAN interface via the internetA parameter to userRpm/NasFtpCfgRpm.htm, (4) launch the FTP service via the startFtp parameter to userRpm/NasFtpCfgRpm.htm, or (5) enable or disable bandwidth limits via the QoSCtrl parameter to userRpm/QoSCfgRpm.htm.
CVE-2013-2581 1 Tp-link 5 Lm Firmware, Tl-sc3130, Tl-sc3130g and 2 more 2024-11-21 N/A
cgi-bin/firmwareupgrade in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6 allows remote attackers to modify the firmware revision via a "preset" action.
CVE-2013-2580 1 Tp-link 5 Lm Firmware, Tl-sc3130, Tl-sc3130g and 2 more 2024-11-21 N/A
Unrestricted file upload vulnerability in cgi-bin/uploadfile in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6, allows remote attackers to upload arbitrary files, then accessing it via a direct request to the file in the mnt/mtd directory.
CVE-2013-2579 1 Tp-link 5 Lm Firmware, Tl-sc3130, Tl-sc3130g and 2 more 2024-11-21 N/A
TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6 have an empty password for the hardcoded "qmik" account, which allows remote attackers to obtain administrative access via a TELNET session.
CVE-2013-2578 1 Tp-link 5 Lm Firmware, Tl-sc3130, Tl-sc3130g and 2 more 2024-11-21 N/A
cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the ServerName parameter and (2) other unspecified parameters.
CVE-2013-2573 1 Tp-link 6 Tl-sc 3130g, Tl-sc 3130g Firmware, Tl-sc 3171g and 3 more 2024-11-21 9.8 Critical
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
CVE-2013-2572 1 Tp-link 8 Tl-sc 3130, Tl-sc 3130 Firmware, Tl-sc 3130g and 5 more 2024-11-21 7.5 High
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files.
CVE-2012-6316 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd parameter to userRpm/NoipDdnsRpm.htm.
CVE-2012-6276 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2024-11-21 N/A
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.
CVE-2012-5687 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2024-11-21 N/A
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.
CVE-2012-2440 1 Tp-link 1 8840t 2024-11-21 N/A
The default configuration of the TP-Link 8840T router enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly have unspecified other impact via unknown vectors.
CVE-2024-11237 1 Tp-link 3 Vn020-f3v\(t\), Vn020-f3v\(t\) Firmware, Vn020 F3v Firmware 2024-11-19 7.5 High
A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.