19 matches found
CVE-2026-30815
An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modificatio...
EUVD-2026-20548
An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...
EUVD-2026-20546
An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...
CVE-2026-30815
An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modificatio...
CVE-2026-30817 Arbitrary File Reading Vulnerability in dnsmasq Module in TP-Link AX53
An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...
CVE-2026-30817 Arbitrary File Reading Vulnerability in dnsmasq Module in TP-Link AX53
An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...
CVE-2026-30817
CVE-2026-30817 describes an external configuration control vulnerability in the OpenVPN module of TP-Link AX53 (v1.0) that could allow an authenticated adjacent attacker to read arbitrary files when processing a malicious configuration file. The effect is potential unauthorized access to sensitiv...
CVE-2026-30816 Arbitrary File Reading Vulnerability in OpenVPN Module in TP-Link AX53
An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...
CVE-2026-30816 Arbitrary File Reading Vulnerability in OpenVPN Module in TP-Link AX53
An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...
CVE-2026-30816
The CVE-2026-30816 entry details an external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0. An authenticated adjacent attacker can read arbitrary files when a malicious configuration file is processed, potentially leading to unauthorized access to sensitive dat...
CVE-2026-30815 OS Command Injection Vulnerability in OpenVPN Module in TP-Link AX53
An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modificatio...
CVE-2026-30815 OS Command Injection Vulnerability in OpenVPN Module in TP-Link AX53
An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modificatio...
TP-Link Archer AX53 安全漏洞
The TP-Link Archer AX53 is a dual-core router produced by TP-Link Corporation. Prior to the version v1.0 1.7.1 Build 20260213, the TP-Link Archer AX53 had a security vulnerability. This vulnerability stemmed from an issue with the external configuration control of the OpenVPN module, which could...
PT-2026-31408
Name of the Vulnerable Software and Affected Versions TP-Link Archer AX53 v1.0 versions prior to 1.7.1 Build 20260213 Description An OS command injection issue in the OpenVPN module allows an authenticated adjacent attacker to execute system commands. This occurs during the processing of a...
TP-Link Archer AX53 安全漏洞
The TP-Link Archer AX53 is a dual-core router produced by TP-Link Corporation. Prior versions of the TP-Link Archer AX53, including v1.0, 1.7.1 Build 20260213, contained security vulnerabilities. These vulnerabilities were due to OS command injection in the OpenVPN module, which could lead to the...
TP-Link Archer AX53 安全漏洞
The TP-Link Archer AX53 is a dual-core router produced by TP-Link Corporation. Prior versions of the TP-Link Archer AX53, including v1.0, 1.7.1 Build 20260213, contained security vulnerabilities. These vulnerabilities stemmed from the OpenVPN module’s ability to allow external control, which coul...
CVE-2014-2264
The OpenVPN module in Synology DiskStation Manager DSM 4.3-3810 update 1 has a hardcoded root password of synopass, which makes it easier for remote attackers to obtain access via a VPN session...
MGASA-2021-0344 Updated webmin package fixes security vulnerability
The webmin package has been updated to version 1.979, which has fixes for handling un-trusted inputs in the Network Configuration module. Also, the openvpn module has been updated to version 3.2...
PT-2014-4593 · Synology +1 · Synology Diskstation Manager +1
Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager DSM version 4.3-3810 update 1 Description: The issue concerns a hardcoded root password in the OpenVPN module, specifically set to synopass, which can be exploited by remote attackers to gain access via a VPN...