9 matches found
EUVD-2023-32395
Malicious code in bioql PyPI...
CVE-2023-28760
TP-Link AX1800 WiFi 6 Router Archer AX21 devices allow unauthenticated attackers on the LAN to execute arbitrary code as root via the dbdir field to minidlnad. The attacker obtains the ability to modify files.db, and that can be used to reach a stack-based buffer overflow in...
CVE-2023-28760
TP-Link Archer AX20 (AX1800) and AX21 routers are affected. The vulnerability resides in the MiniDLNA service (minidlnad) handling of the db_dir field, allowing unauthenticated, LAN-adjacent attackers to modify files.db and trigger a stack-based buffer overflow in minidlna-1.1.2/upnpsoap.c, resul...
TP-Link AX1800 安全漏洞
TP-Link AX1800 is a WiFi router from China P&L TP-Link. A security vulnerability exists in the TP-Link AX1800 that stems from an unvalidated dbdir field that could lead to the execution of arbitrary code...
TP-LINK AX1800 Competitive Conditions Vulnerability
The TP-LINK AX1800 is a dual-band Wi-Fi 6 router from China P&L TP-LINK. The TP-LINK AX1800 suffers from a contention condition vulnerability that can be exploited by an attacker to access resources available on the LAN interface and execute arbitrary code...
CVE-2023-27346
TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-27346
TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2023-27346 TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AX1800 routers. Authentication is not required to exploit this vulnerability. The...
(Pwn2Own) TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability
This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the hotplugd daemon. The issue results from firewall rule handling...