8 matches found
CVE-2020-28877
Buffer overflow in in the copymsgelement function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N...
CVE-2020-28877
Buffer overflow in in the copymsgelement function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N...
CVE-2020-28877
Buffer overflow in in the copymsgelement function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N...
TP-Link WDR Series Command Injection Vulnerability
TP-Link WDR Series is a WDR series wireless router from China P&L TP-LINK. A command injection vulnerability exists in TP-Link WDR Series using v3 firmware e.g., TL-WDR5620 version V3.0, which stems from the inclusion of the sehll metacharacter in the 'citycode' field. A remote attacker could...
Command injection
TP-Link WDR Series devices through firmware v3 such as TL-WDR5620 V3.0 are affected by command injection after login leading to remote code execution, because shell metacharacters can be included in the weather getweatherobserve citycode field...
CVE-2019-6487
TP-Link WDR Series devices through firmware v3 such as TL-WDR5620 V3.0 are affected by command injection after login leading to remote code execution, because shell metacharacters can be included in the weather getweatherobserve citycode field...
CVE-2019-6487
TP-Link WDR Series devices through firmware v3 such as TL-WDR5620 V3.0 are affected by command injection after login leading to remote code execution, because shell metacharacters can be included in the weather getweatherobserve citycode field...
CVE-2019-6487
CVE-2019-6487 affects TP-Link WDR Series devices with firmware v3 (e.g., TL-WDR5620 V3.0). The issue is a command injection vulnerability exploitable after login via the weather get_weather_observe citycode field, enabling remote code execution. Multiple sources (NVD/NVD-derived, Red Hat advisory...