CVE-2020-14965
Affected devices: TP-Link TL-WR740N v4 and TL-WR740ND v4. Vulnerability: HTML injection into the HTML context of target pages and stations in the access-control settings via targets_lists_name or hosts_lists_name. Can be exploited through a CSRF, requiring no authentication as an administrator, o...