469 matches found
CVE-2018-17004
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for wlanaccess name...
Design/Logic Flaw
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for firewall lanmanage mac2...
Design/Logic Flaw
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for firewall dmz enable...
Design/Logic Flaw
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for ipmacbind name...
CVE-2018-17006
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for firewall lanmanage mac2...
Design/Logic Flaw
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for wireless wlanwds2g ssid...
CVE-2018-17009
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for wireless wlanhost2g isolate...
CVE-2018-17005
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for firewall dmz enable...
CVE-2018-17016
The CVE-2018-17016 issue affects the TP-Link TL-WR886N devices (versions 6.0 2.3.4 and 7.0 1.1.0). The vulnerability allows authenticated attackers to crash router services (including inetd, HTTP, DNS, and UPnP) by sending long JSON data targeting the reboot_timer field. The connected sources pro...
CVE-2018-17008
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for wireless wlanhost2g power...
CVE-2018-17011
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for hostsinfo para sun...
CVE-2018-17014
The CVE-2018-17014 issue affects TP-Link TL-WR886N devices in 6.0 2.3.4 and 7.0 1.1.0 revisions. Authenticated attackers can crash router services (inetd, HTTP, DNS, UPnP) by sending excessively long JSON data in the ip_mac_bind field. The connected sources corroborate the same description across...
CVE-2018-17004
CVE-2018-17004 affects TP-Link TL-WR886N devices, specifically version 6.0 2.3.4 and 7.0 1.1.0. The issue allows authenticated attackers to crash router services (inetd, HTTP, DNS, UPnP) by sending long JSON data for the wlan_access name. This can impact availability of router services (as indica...
CVE-2018-17012
The CVE-2018-17012 issue affects TP-Link TL-WR886N devices (firmware versions 6.0 2.3.4 and 7.0 1.1.0). The root cause involves processing of long JSON data for hosts_info set_block_flag up_limit, which can cause authenticated attackers to crash router services such as inetd, HTTP, DNS, and UPnP....
CVE-2018-17018
CVE-2018-17018 affects TP-Link TL-WR886N devices (versions 6.0 2.3.4 and 7.0 1.1.0). Authenticated attackers can crash router services (inetd, HTTP, DNS, UPnP) by sending long JSON data for the time_switch name. The impact described is partial availability loss of those services. The available so...
CVE-2018-17010
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for wireless wlanhost2g bandwidth...
CVE-2018-17017
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for dhcpd udhcpd enable...
CVE-2018-17013
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services e.g., inetd, HTTP, DNS, and UPnP via long JSON data for protocol wan wanrate...
CVE-2018-17009
Affected devices: TP-Link TL-WR886N (versions 6.0 2.3.4 and 7.0 1.1.0). Vulnerability: authenticated attackers can crash router services (inetd, HTTP, DNS, UPnP) by sending long JSON data to the wireless wlan_host_2g isolate. Root cause/impact: abnormal/overlong JSON payload leads to denial of se...
CVE-2018-16731
CScms 4.1 allows arbitrary file upload by for example adding the php extension to the default filetype list gif, jpg, png, and then providing a .php pathname within fileurl JSON data...