5781 matches found
CVE-2022-43636
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N 6211111 3.20.1US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by...
CVE-2022-43635
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 6211111 3.20.1US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP por...
CVE-2022-43635
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 6211111 3.20.1US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP por...
CVE-2022-27642
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect...
CVE-2022-27642
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect...
Authentication flaw
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N 6211111 3.20.1US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by...
CVE-2022-27642
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.12010.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service. The issue results from incorrect...
CVE-2022-43635
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 6211111 3.20.1US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP por...
CVE-2022-43635
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 6211111 3.20.1US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP por...
CVE-2022-27642
Summary (CVE-2022-27642) : Affects NETGEAR R6700v3 router with firmware 1.0.4.120_10.0.91. The vulnerability is in the httpd service and stems from incorrect string matching logic when accessing protected pages, allowing network-adjacent attackers to bypass authentication. In combination with oth...
CVE-2022-43635
The CVE-2022-43635 entry applies to TP-Link TL-WR940N routers (version 6_211111, 3.20.1 US). The vulnerability stems from an incorrect implementation of the httpd authentication algorithm, allowing network-adjacent attackers to disclose stored credentials. Documentation consistently indicates no ...
CVE-2022-43636
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N 6211111 3.20.1US routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by...
CVE-2022-24972
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n 5553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which...
CVE-2022-24972
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n 5553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which...
CVE-2022-24973
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n 5553 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on...
CVE-2022-0650
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n 5553 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on...
Design/Logic Flaw
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n 5553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which...
Stack overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n 5553 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on...
CVE-2022-24972
CVE-2022-24972 affects the TP-Link TL-WR940N, version 3.20.1 Build 200316 Rel.34392n (5553). The vulnerability is in the httpd service listening on port 80, caused by a lack of proper access control, enabling network-adjacent attackers to disclose stored credentials without authentication. Report...
CVE-2022-0650
This CVE affects TP-Link TL-WR940N routers (v3.20.1 Build 200316 Rel.34392n). The root cause is a lack of proper validation of the length of user-supplied data in the httpd service, copying into a fixed-length stack-based buffer. The vulnerability allows network-adjacent attackers to execute arbi...