Metrics
Affected Vendors & Products
No reference.
Mon, 16 Jun 2025 22:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-89 | |
CPEs | cpe:2.3:o:tp-link:eap120_firmware:1.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Tp-link
Tp-link eap120 Tp-link eap120 Firmware |
|
References |
|
|
Metrics |
cvssV3_1
|
Mon, 16 Jun 2025 22:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 16 Jun 2025 22:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SQL Injection vulnerability exists in the TP-Link EAP120 router s login dashboard (version 1.0), allowing an unauthenticated attacker to inject malicious SQL statements via the login fields. NOTE: this is disputed because the issue can only be reproduced on a supplier-provided emulator, where access control is intentionally absent for ease of functional testing. | DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. |
Thu, 24 Apr 2025 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Tp-link
Tp-link eap120 Tp-link eap120 Firmware |
|
CPEs | cpe:2.3:h:tp-link:eap120:-:*:*:*:*:*:*:* cpe:2.3:o:tp-link:eap120_firmware:1.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Tp-link
Tp-link eap120 Tp-link eap120 Firmware |
Wed, 23 Apr 2025 23:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SQL Injection vulnerability exists in the TP-Link EAP120 router s login dashboard (version 1.0), allowing an unauthenticated attacker to inject malicious SQL statements via the login fields. | SQL Injection vulnerability exists in the TP-Link EAP120 router s login dashboard (version 1.0), allowing an unauthenticated attacker to inject malicious SQL statements via the login fields. NOTE: this is disputed because the issue can only be reproduced on a supplier-provided emulator, where access control is intentionally absent for ease of functional testing. |
Wed, 16 Apr 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-89 | |
Metrics |
cvssV3_1
|
Wed, 16 Apr 2025 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SQL Injection vulnerability exists in the TP-Link EAP120 router s login dashboard (version 1.0), allowing an unauthenticated attacker to inject malicious SQL statements via the login fields. | |
References |
|

Status: REJECTED
Assigner: mitre
Published: 2025-04-16T00:00:00.000Z
Updated: 2025-06-16T21:56:36.141Z
Reserved: 2025-03-11T00:00:00.000Z
Link: CVE-2025-29648

Updated:

Status : Rejected
Published: 2025-04-16T20:15:17.460
Modified: 2025-06-16T22:15:44.517
Link: CVE-2025-29648

No data.