Lucene search
K

28 matches found

VulnCheck KEV
VulnCheck KEV
added 2022/01/12 12:0 a.m.3 views

VulnCheck KEV: CVE-2018-3949

An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an authenticated...

7.5CVSS7.1AI score0.53297EPSS
Exploits1References1
CNVD
CNVD
added 2021/04/28 12:0 a.m.6 views

TL-R600VPN has a weak password vulnerability

P&L Technologies Ltd. is a provider of network communication equipment. A weak password vulnerability exists in TL-R600VPN, which can be exploited by an attacker to log in to the system backend to obtain sensitive information...

6.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2019/04/03 12:0 a.m.2 views

TP-Link TL-R600VPN remote code execution

A remote code execution exists in TL-R600VPN web server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.7AI score
Exploits0
Talos Blog
Talos Blog
added 2019/01/15 12:2 p.m.83 views

Vulnerability Deep Dive: TP-Link TL-R600VPN remote code execution vulnerabilities

Vulnerability discovery and research by Jared Rittle and Carl Hurd of Cisco Talos. Introduction TP-Link recently patched three vulnerabilities in their TL-R600VPN gigabit broadband VPN router, firmware version 1.3.0. Cisco Talos publicly disclosed these issues after working with TP-Link to ensure...

0.2AI score
Exploits0
Prion
Prion
added 2018/12/01 6:29 a.m.14 views

Remote code execution

An exploitable remote code execution vulnerability exists in the HTTP header-parsing function of the TP-Link TL-R600VPN HTTP Server. A specially crafted HTTP request can cause a buffer overflow, resulting in remote code execution on the device. An attacker can send an authenticated HTTP request t...

6.5CVSS7.3AI score0.03928EPSS
Exploits1References1
CVE
CVE
added 2018/12/01 6:0 a.m.59 views

CVE-2018-3951

CVE-2018-3951 describes a remote code execution in the TP-Link TL-R600VPN HTTP server caused by a buffer overflow in the HTTP header parsing. A specially crafted, authenticated HTTP request to vulnerable endpoints can overflow a static buffer, enabling arbitrary code execution in the httpd proces...

7.2CVSS7.7AI score0.03928EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/12/01 6:0 a.m.19 views

CVE-2018-3951

An exploitable remote code execution vulnerability exists in the HTTP header-parsing function of the TP-Link TL-R600VPN HTTP Server. A specially crafted HTTP request can cause a buffer overflow, resulting in remote code execution on the device. An attacker can send an authenticated HTTP request t...

7.2CVSS7.5AI score0.03928EPSS
Exploits1References1
NVD
NVD
added 2018/12/01 4:29 a.m.29 views

CVE-2018-3950

An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. A specially crafted IP address can cause a stack overflow, resulting in remote code execution. An attacker can send a single...

8.8CVSS7.8AI score0.02917EPSS
Exploits1References1
CVE
CVE
added 2018/12/01 4:0 a.m.60 views

CVE-2018-3950

The CVE-2018-3950 issue affects TP-Link TL-R600VPN HTTP server in HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3. The root cause is a stack overflow in the ping_addr handling within the ping/tracert path, triggered by a specially crafted IP address sent via an authenticated HTTP request, enabling remote code ...

8.8CVSS8.8AI score0.02917EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/12/01 4:0 a.m.33 views

CVE-2018-3950

An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. A specially crafted IP address can cause a stack overflow, resulting in remote code execution. An attacker can send a single...

7.2CVSS8.9AI score0.02917EPSS
Exploits1References1
OSV
OSV
added 2018/12/01 3:29 a.m.6 views

CVE-2018-3949

An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an authenticated...

7.5CVSS5.8AI score0.53297EPSS
Exploits1References1
NVD
NVD
added 2018/12/01 3:29 a.m.23 views

CVE-2018-3949

An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an authenticated...

7.5CVSS7.3AI score0.53297EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/12/01 12:0 a.m.60 views

CVE-2018-3949

An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an authenticated...

7.5CVSS1.4AI score0.53297EPSS
In wildExploits1References2
Prion
Prion
added 2018/11/30 5:29 p.m.21 views

Denial of service

An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticate...

5CVSS7.4AI score0.23061EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2018/11/30 5:29 p.m.21 views

CVE-2018-3948

An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticate...

7.5CVSS7.5AI score0.23061EPSS
Exploits1References1
CVE
CVE
added 2018/11/30 5:0 p.m.216 views

CVE-2018-3948

The CVE-2018-3948 issue affects the TP-Link TL-R600VPN HTTP server. It is a denial-of-service vulnerability in the URI-parsing functionality where a specially crafted URL can cause the device to stop responding to requests, leading to downtime for the management portal. The vulnerability can be t...

7.5CVSS7.6AI score0.23061EPSS
In wildExploits1References1Affected Software1
CNVD
CNVD
added 2018/11/21 12:0 a.m.4 views

TP-Link TL-R600VPN HTTP Server Buffer Overflow Vulnerability (CNVD-2018-23626)

The TP-Link TL-R600VPN is an enterprise router from China P&L TP-LINK. the HTTP Server is one of the HTTP servers. A buffer overflow vulnerability exists in the HTTP Server in TP-Link TL-R600VPN HWv3 FRNv1.3.0 version and HWv2 FRNv1.2.3 version. An attacker can exploit the vulnerability to execut...

8.8CVSS7.6AI score0.02917EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/21 12:0 a.m.4 views

TP-Link TL-R600VPN HTTP Path Traversal Vulnerability

The TP-Link TL-R600VPN is an enterprise router from China P&L TP-LINK. A path traversal vulnerability exists in the HTTP server feature in TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 versions. An attacker can exploit the vulnerability to disclose sensitive system files with the help of a...

7.5CVSS7.4AI score0.53297EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/21 12:0 a.m.6 views

TP-Link TL-R600VPN HTTP Server Buffer Overflow Vulnerability

The TP-Link TL-R600VPN is an enterprise router from China P&L TP-LINK. the HTTP Server is one of the HTTP servers. A buffer overflow vulnerability exists in the HTTP Server in TP-Link TL-R600VPN HWv3 FRNv1.3.0 version. An attacker can exploit the vulnerability by sending a specially crafted reque...

7.2CVSS7.4AI score0.03928EPSS
Exploits1References1
CNVD
CNVD
added 2018/11/21 12:0 a.m.4 views

TP-Link TL-R600VPN HTTP Server Denial of Service Vulnerability

The TP-Link TL-R600VPN is an enterprise router from China P&L TP-LINK. the HTTP Server is one of the HTTP servers. A denial of service vulnerability exists in the HTTP Server in TP-Link TL-R600VPN HWv3 FRNv1.3.0 version and HWv2 FRNv1.2.3 version. An attacker can exploit the vulnerability with th...

7.5CVSS7.4AI score0.23061EPSS
Exploits1References1
Rows per page
Query Builder