Lucene search
K

4920 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/22 8:48 p.m.8 views

CVE-2026-3294

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

8.7CVSS5.8AI score0.00398EPSS
Exploits0References12
CVE
CVE
added 2026/05/22 8:48 p.m.61 views

CVE-2026-3294

CVE-2026-3294 concerns an authentication logic vulnerability in multiple TP-Link range extenders. The issue allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation, enabling full administrative c...

8.8CVSS5.8AI score0.00398EPSS
Exploits0References11Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.18 views

PT-2026-42832

Name of the Vulnerable Software and Affected Versions TP-Link range extenders affected versions not specified Description An authentication logic flaw allows an unauthenticated attacker on an adjacent network to reset the administrator password due to insufficient validation of a login parameter...

8.8CVSS5.8AI score0.00398EPSS
Exploits0References15
Vulnrichment
Vulnrichment
added 2026/05/19 3:58 p.m.10 views

CVE-2026-5511 Information Disclosure via Diagnostic Interface Due to Improper Input Validation on TP-Link's Archer AX72

In the web management interface of Archer AX72 SG v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this issue to confirm the...

4.6CVSS5.8AI score0.00216EPSS
Exploits0References2
Talos Blog
Talos Blog
added 2026/05/19 3:39 p.m.12 views

TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities

Cisco Talos' Vulnerability Discovery & Research team recently disclosed eight vulnerabilities in TP-Link, and one each in Adobe Photoshop, OpenVPN, and Gen Digital's Norton VPN. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adherence to Cisco 's...

8.8CVSS7.8AI score0.01232EPSS
Exploits1
NVD
NVD
added 2026/05/17 1:16 p.m.13 views

CVE-2018-25321

TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...

5.3CVSS0.0018EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/17 12:11 p.m.34 views

CVE-2018-25321 TP-Link TL-WR720N CSRF via Administrative Interfaces (firmware V1_130719)

TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...

5.3CVSS0.0018EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/17 12:11 p.m.8 views

CVE-2018-25321

TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...

5.3CVSS5.7AI score0.0018EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/17 12:11 p.m.11 views

EUVD-2018-21842

TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via...

5.3CVSS5.7AI score0.0018EPSS
Exploits1References4
CVE
CVE
added 2026/05/17 12:11 p.m.18 views

CVE-2018-25321

The CVE-2018-25321 entry describes a CSRF vulnerability in all versions of the TP-Link TL-WR720N router. An attacker can induce an authenticated user to perform unauthorized actions by visiting attacker-controlled pages, specifically enabling modification of port forwarding rules via VirtualServe...

5.3CVSS5.7AI score0.0018EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.14 views

TP-Link TL-WR720N 跨站请求伪造漏洞

The TP-Link TL-WR720N is a home wireless router by TP-Link Corporation, which supports wireless network sharing and routing functions. The TP-Link TL-WR720N has a cross-site request forgery vulnerability. This vulnerability arises from cross-site request forgery attacks, allowing attackers to...

5.3CVSS5.8AI score0.0018EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/05/07 8:21 p.m.9 views

CVE-2026-30817

An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...

6.8CVSS5.9AI score0.00276EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/07 8:21 p.m.10 views

CVE-2026-30816

An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...

6.8CVSS5.9AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/07 8:21 p.m.9 views

CVE-2026-30815

An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modificatio...

8.5CVSS7.4AI score0.0116EPSS
Exploits0References1
Talos
Talos
added 2026/05/07 12:0 a.m.10 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2307 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientdisconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientdisconnect...

8.5CVSS7.5AI score0.0116EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.12 views

Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability

Talos Vulnerability Report TALOS-2025-2304 Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability May 7, 2026 CVE Number CVE-2026-30816 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore crt.sed functionality of Tp-Link Archer AX53 v1.0 1.3....

6.8CVSS6.1AI score0.00286EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.16 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability

Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...

6.8CVSS6AI score0.00276EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.9 views

Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2302 Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability May 7, 2026 CVE Number CVE-2026-30814 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x436 functionality of Tp-Link AX53 v1.0 1.3.1 Bui...

8CVSS6.4AI score0.00418EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.11 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2306 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30818 SUMMARY An os command injection vulnerability exists in the dnsmasq configuration restore dhcpscript functionality ...

8.5CVSS6.6AI score0.01232EPSS
Exploits0
NVD
NVD
added 2026/05/01 5:16 p.m.3 views

CVE-2026-37535

openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac 2021-08-09 contains an out-of-bounds read in the ISO-TP Single Frame receive handler, where the 4-bit payload length nibble is used directly as the memcpy size without validating it against the actual CAN data length. A malicious...

7.1CVSS0.00205EPSS
Exploits0References3
Rows per page
Query Builder