PT-2026-48516

Name of the Vulnerable Software and Affected Versions TP-Link Archer AX12 v1 TP-Link Archer AX17 v1 TP-Link Archer AX18 v1 TP-Link Archer AX1300 v1.6 Description An OS command injection issue exists in the VPN module. This occurs due to improper filtering of special characters, allowing an...

Russia Hacked Routers to Steal Microsoft Office Tokens

Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens...

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

The Russia-linked threat actor known as APT28 aka Forest Blizzard has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn them into malicious infrastructure under their control as part of a cyber espionage campaign since at...

Exploit for CVE-2022-30075

TP-L-NK-SIZMA-EXPLO-T TP-Link Router Authenticated RCE Exploit...

CVE-2026-3227

A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. In the router configuration import function allows an authenticated attacker to upload a crafted configuration file...

EUVD-2026-12171

A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. In the router configuration import function allows an authenticated attacker to upload a crafted configuration file...

TP-LINK多款产品 安全漏洞

TP-LINK TL-WR802N, etc., are products of the TP-LINK company from China. The TP-LINK TL-WR802N is a wireless router. The TP-LINK TL-WR840N is also a wireless router. The TP-LINK TL-WR841N is another product of TP-LINK. Several TP-LINK products have security vulnerabilities; these vulnerabilities...

CVE-2025-15551

The CVE-2025-15551 affects TP-Link Archer MR200 v5.2, C20 v6, TL-WR850N v3, and TL-WR845N v4. The issue is that the device response is processed by a JavaScript function like eval without validation, enabling a MitM attacker to execute arbitrary JavaScript in the router’s admin web portal. This i...

CVE-2025-15551 LAN Code Execution on TP-Link Archer MR200, Archer C20, TL-WR850N and TL-WR845N

The response coming from TP-Link Archer MR200 v5.2, C20 v5 and v6, TL-WR850N v3, and TL-WR845N v4 for any request is getting executed by the JavaScript function like eval directly without any check. Attackers can exploit this vulnerability via a Man-in-the-Middle MitM attack to execute JavaScript...

EUVD-2025-206826

The response coming from TP-Link Archer MR200 v5.2, C20 v6, TL-WR850N v3, and TL-WR845N v4 for any request is getting executed by the JavaScript function like eval directly without any check. Attackers can exploit this vulnerability via a Man-in-the-Middle MitM attack to execute JavaScript code o...

EUVD-2020-3294

Malware in sbrugna...

EUVD-2020-21268

Malware in sbrugna...

EUVD-2022-51840

Malicious code in bioql PyPI...

EUVD-2022-15744

Malicious code in bioql PyPI...

EUVD-2023-37696

Malicious code in bioql PyPI...

EUVD-2023-40327

Malicious code in bioql PyPI...

EUVD-2023-40322

Malicious code in bioql PyPI...

EUVD-2023-40324

Malicious code in bioql PyPI...

EUVD-2023-34803

Malicious code in bioql PyPI...

EUVD-2022-51839

Malicious code in bioql PyPI...