Lucene search
K

4692 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.10 views

CVE-2026-34127

A stored cross-site scripting XSS vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious scrip...

5.3CVSS5.1AI score0.00239EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.11 views

CVE-2026-1871

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS5.9AI score0.00305EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 5:17 p.m.15 views

CVE-2026-8714

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTS...

7.1CVSS0.00206EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/05 4:14 p.m.9 views

CVE-2026-8714 Denial-of-Service Vulnerability in RTSP Input Handling on TP-Link's Tapo C520WS

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTS...

7.1CVSS5.4AI score0.00206EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/05 4:14 p.m.44 views

CVE-2026-8714 Denial-of-Service Vulnerability in RTSP Input Handling on TP-Link's Tapo C520WS

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTS...

7.1CVSS0.00206EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/05 4:14 p.m.9 views

CVE-2026-8714

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTS...

7.1CVSS5.4AI score0.00206EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/05 4:14 p.m.10 views

EUVD-2026-34855

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTS...

7.1CVSS5.5AI score0.00206EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/06/05 5:5 a.m.15 views

Multiple TP-Link products vulnerable to cleartext transmission of sensitive information

Overview Multiple TP-Link products provided by TP-Link Systems Inc. contain the following vulnerability. Cleartext transmission of sensitive information CWE-319 - CVE-2026-34126 eyegrep and izurina of L Plus LLC reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

7.5CVSS5.4AI score0.00097EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/06/03 8:8 a.m.11 views

TP-Link Archer BE450 and BE7200 vulnerable to OS command injection

Overview Archer BE450 and BE7200 provided by TP-Link contain the following vulnerability. OS command injection CWE-78 - CVE-2026-5509 Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact An arbitrary OS command may be executed...

8.5CVSS5.6AI score0.02458EPSS
Exploits0References4
NVD
NVD
added 2026/06/02 5:16 p.m.15 views

CVE-2026-1871

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS0.00305EPSS
Exploits0References4
NVD
NVD
added 2026/05/29 8:16 p.m.18 views

CVE-2026-34127

A stored cross-site scripting XSS vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious scrip...

5.3CVSS0.00239EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/29 6:59 p.m.13 views

EUVD-2026-33420

A stored cross-site scripting XSS vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious scrip...

5.3CVSS5.6AI score0.00239EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/29 6:59 p.m.15 views

CVE-2026-34127 Stored Cross-Site Scripting (XSS) via Configuration File Import on TP-Link's TL-SG108PE

A stored cross-site scripting XSS vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious scrip...

5.3CVSS5.6AI score0.00239EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/29 6:59 p.m.9 views

CVE-2026-34127

A stored cross-site scripting XSS vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration parameter during configuration file import. An attacker with administrator access can inject malicious scrip...

5.3CVSS5.6AI score0.00239EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

TP-Link TL-SG108PE 安全漏洞

The TP-Link TL-SG108PE is an 8-port Gigabit Ethernet intelligent managed PoE switch from TP-Link Corporation. The TP-Link TL-SG108PE v5 has a security vulnerability, which stems from improper cleaning of SYSNAM configuration parameters during the file configuration import process in the web...

5.3CVSS5.6AI score0.00239EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.18 views

PT-2026-44972

Name of the Vulnerable Software and Affected Versions TP-Link TL-SG108PE v5 affected versions not specified Description A stored cross-site scripting XSS issue exists in the web management interface. This occurs because the SYSNAM configuration parameter is not properly sanitized during the...

5.3CVSS5.7AI score0.00239EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.11 views

TP-Link Archer C64 安全漏洞

The TP-Link Archer C64 is a wireless router produced by TP-Link Corporation. The TP-Link Archer C64 V1 version has a security vulnerability. This vulnerability stems from improper execution of the authentication rate limit during the debugging of the SSH service. As a result, attackers in adjacen...

8.7CVSS5.9AI score0.0051EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.18 views

TP-Link多款产品 安全漏洞

TP-Link Tapo L535E are products of the TP-Link company from China. The TP-Link Tapo L535E is a smart color-adjustable LED bulb. The TP-Link Tapo P300 is a smart Wi-Fi multi-port plug-in device. The TP-Link Tapo D100C is a smart video doorbell with a wireless doorbell buzzer. Several TP-Link...

7.3CVSS5.9AI score0.00097EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/27 5:26 p.m.10 views

CVE-2026-5509 Arbitrary Command Injection via Browser Developer Console in TP-Link Archer BE450 and BE7200

An authenticated command injection vulnerability exists in the Archer BE450 v1 and BE7200 v1 router that allows an administrator to execute arbitrary system commands through the web management interface. After successfully authenticating to the admin interface, an attacker can leverage the...

8.5CVSS6.2AI score0.02458EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/26 8:13 p.m.13 views

CVE-2026-3294

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

8.8CVSS5.8AI score0.00398EPSS
Exploits0References1
Rows per page
Query Builder