4920 matches found
CVE-2026-3294
An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...
CVE-2026-3294
CVE-2026-3294 concerns an authentication logic vulnerability in multiple TP-Link range extenders. The issue allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation, enabling full administrative c...
PT-2026-42832
Name of the Vulnerable Software and Affected Versions TP-Link range extenders affected versions not specified Description An authentication logic flaw allows an unauthenticated attacker on an adjacent network to reset the administrator password due to insufficient validation of a login parameter...
CVE-2026-5511 Information Disclosure via Diagnostic Interface Due to Improper Input Validation on TP-Link's Archer AX72
In the web management interface of Archer AX72 SG v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this issue to confirm the...
TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities
Cisco Talos' Vulnerability Discovery & Research team recently disclosed eight vulnerabilities in TP-Link, and one each in Adobe Photoshop, OpenVPN, and Gen Digital's Norton VPN. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adherence to Cisco 's...
CVE-2018-25321
TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...
CVE-2018-25321 TP-Link TL-WR720N CSRF via Administrative Interfaces (firmware V1_130719)
TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...
CVE-2018-25321
TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...
EUVD-2018-21842
TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...
CVE-2018-25321
The CVE-2018-25321 entry describes a CSRF vulnerability in all versions of the TP-Link TL-WR720N router. An attacker can induce an authenticated user to perform unauthorized actions by visiting attacker-controlled pages, specifically enabling modification of port forwarding rules via VirtualServe...
TP-Link TL-WR720N 跨站请求伪造漏洞
The TP-Link TL-WR720N is a home wireless router by TP-Link Corporation, which supports wireless network sharing and routing functions. The TP-Link TL-WR720N has a cross-site request forgery vulnerability. This vulnerability arises from cross-site request forgery attacks, allowing attackers to...
CVE-2026-30817
An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...
CVE-2026-30816
An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...
CVE-2026-30815
An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modificatio...
Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2307 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientdisconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientdisconnect...
Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability
Talos Vulnerability Report TALOS-2025-2304 Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability May 7, 2026 CVE Number CVE-2026-30816 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore crt.sed functionality of Tp-Link Archer AX53 v1.0 1.3....
Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability
Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...
Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2025-2302 Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability May 7, 2026 CVE Number CVE-2026-30814 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x436 functionality of Tp-Link AX53 v1.0 1.3.1 Bui...
Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability
Talos Vulnerability Report TALOS-2025-2306 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30818 SUMMARY An os command injection vulnerability exists in the dnsmasq configuration restore dhcpscript functionality ...
CVE-2026-37535
openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac 2021-08-09 contains an out-of-bounds read in the ISO-TP Single Frame receive handler, where the 4-bit payload length nibble is used directly as the memcpy size without validating it against the actual CAN data length. A malicious...