15 matches found
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2020-24363link is external TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability CVE-2025-55177link is external Meta Platforms WhatsApp...
VulnCheck KEV: CVE-2020-24363
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker on the same network to submit a TDDPRESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password...
TP-Link TL-WA855RE V5_200415 Device Reset Authentication Bypass
Exploit Title: TP-Link TL-WA855RE V5200415 - Device Reset Auth Bypass Date: 2020/07/29 Exploit Author: malwrforensics Vendor Homepage: https://tp-link.com Software link: https://static.tp-link.com/2020/202004/20200430/TL-WA855REV5200415.zip Version: TL-WA855REUSV5200415 Tested on: N/A CVE :...
TP-Link TL-WA855RE V5_200415 - Device Reset Auth Bypass
Exploit Title: TP-Link TL-WA855RE V5200415 - Device Reset Auth Bypass Date: 2020/07/29 Exploit Author: malwrforensics Vendor Homepage: https://tp-link.com Software link: https://static.tp-link.com/2020/202004/20200430/TL-WA855REV5200415.zip Version: TL-WA855REUSV5200415 Tested on: N/A CVE :...
CVE-2020-24363
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker on the same network to submit a TDDPRESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password...
Cross site request forgery (csrf)
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker on the same network to submit a TDDPRESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password...
EUVD-2020-17095
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker on the same network to submit a TDDPRESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password...
CVE-2020-24363
CVE-2020-24363 affects TP-Link TL-WA855RE V5 (20200415-rel37464). An unauthenticated attacker on the same network can submit a TDDP_RESET POST request to trigger a factory reset/reboot and then set a new administrative password, leading to incorrect access control. The vulnerability is classified...
CVE-2020-24363
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker on the same network to submit a TDDPRESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password...
PT-2020-15707
Name of the Vulnerable Software and Affected Versions: TP-Link TL-WA855RE version V5 20200415-rel37464 Description: TP-Link TL-WA855RE devices allow an unauthenticated attacker on the same network to submit a TDDP RESET POST request, leading to a factory reset and reboot. This allows the attacker...
CVE-2020-10916
This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P120191213-rel60361 Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechani...
CVE-2020-10916
This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P120191213-rel60361 Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechani...
CVE-2020-10916
This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P120191213-rel60361 Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechani...
CVE-2020-10916
The CVE-2020-10916 issue affects TP-Link TL-WA855RE Wi‑Fi extenders (firmware 855rev4-up-ver1-0-1-P1). The root cause is improper validation during the first-time setup flow, enabling a network-adjacent attacker to bypass authentication, reset the Admin password, and execute code on the device. M...
TP-Link TL-WA855RE login.json Improper Authentication Privilege Escalation Vulnerability
This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...