cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-49074,https://securityvulnerability.io/vulnerability/CVE-2023-49074,Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point Vulnerable to Denial of Service Attack,"A denial of service vulnerability has been identified in the TDDP functionality of the Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point. This flaw allows an attacker to send a sequence of specially crafted network requests that can trigger a factory reset of the affected device. As a result, unauthorized access and disruption of services may occur, leading to significant impacts on network operations. Proper measures should be taken to mitigate this risk and ensure the security of network environments.",Tp-link,Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),7.4,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-04-09T14:12:48.559Z,0
CVE-2023-49134,https://securityvulnerability.io/vulnerability/CVE-2023-49134,Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) Vulnerable to Command Execution via Network Requests,"A command execution vulnerability is present in the tddpd enable_test_mode functionality of specific versions of Tp-Link wireless access points, specifically the AC1350 and N300 models. Attackers may exploit this vulnerability by sending specially crafted network requests, potentially leading to arbitrary command execution on the affected devices. The N300 Wireless Gigabit Access Point version 5.0.4 is particularly vulnerable, where an attacker can send unauthenticated packets to trigger this flaw, impacting the `uclited` service. Ensuring timely updates and proper network security measures is crucial to mitigate risks associated with this vulnerability.",Tp-link,"Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),N300 Wireless Access Point (eap115)",8.1,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-04-09T14:12:48.096Z,0
CVE-2023-49133,https://securityvulnerability.io/vulnerability/CVE-2023-49133,Arbitrary Command Execution Vulnerability in Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3),"A command execution vulnerability exists within the 'enable_test_mode' functionality of Tp-Link's AC1350 and N300 Wireless Access Points. This flaw can be exploited by sending a carefully crafted series of unauthenticated network requests, potentially leading to the execution of arbitrary commands on the affected devices. The vulnerability is associated with the `uclited` component on the EAP225 V3 model, indicating significant implications for device security if exploited. Network administrators are advised to apply the necessary updates or mitigations to safeguard their systems.",Tp-link,"Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),N300 Wireless Access Point (eap115)",8.1,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-04-09T14:12:47.975Z,0
CVE-2023-48724,https://securityvulnerability.io/vulnerability/CVE-2023-48724,Memory Corruption Vulnerability in Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point,"A memory corruption issue exists within the web interface of the Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point, specifically affecting the EAP225 V3 version 5.1.0 Build 20220926. Attackers can exploit this vulnerability by sending specially crafted HTTP POST requests, which may lead to a denial of service of the device's web interface. This can permit unauthorized interruption of normal web service functions, emphasizing the need for prompt updates and mitigations to secure affected installations.",Tp-link,Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),7.5,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-04-09T14:12:47.393Z,0
CVE-2023-49913,https://securityvulnerability.io/vulnerability/CVE-2023-49913,Buffer Overflow Vulnerability in Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3),"A stack-based buffer overflow vulnerability in the web interface's Radio Scheduling functionality of the Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point has been identified. An attacker with valid authentication can exploit this vulnerability by sending a specially crafted series of HTTP requests, which may lead to remote code execution. The overflow occurs specifically in the `action` parameter at offset `0x422448` within the `httpd` binary bundled with certain versions of the device. The affected versions include EAP225 V3 v5.1.0 Build 20220926 and EAP115 v5.0.4 Build 20220216.",Tp-link,"Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),N300 Wireless Access Point (eap115)",7.2,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-04-09T14:12:46.790Z,0
CVE-2023-49912,https://securityvulnerability.io/vulnerability/CVE-2023-49912,Buffer Overflow Vulnerability in Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3),"A stack-based buffer overflow vulnerability has been identified in the web interface of the Radio Scheduling function in the Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point. This vulnerability arises when an attacker sends specially crafted HTTP requests, leading to the potential for remote code execution. The vulnerability specifically targets the `profile` parameter in the `httpd` binary, with its overflow occurring at offset `0x4224b0`. It is critical for users of the affected versions to implement security measures promptly to mitigate risks associated with this exploit. For more information, refer to the detailed report provided by Talos Intelligence.",Tp-link,"Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),N300 Wireless Access Point (eap115)",7.2,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-04-09T14:12:46.695Z,0
CVE-2023-49911,https://securityvulnerability.io/vulnerability/CVE-2023-49911,Buffer Overflow Vulnerability in Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3),"A stack-based buffer overflow vulnerability affects the web interface's Radio Scheduling feature of the Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point. This vulnerability allows an attacker to send specially crafted HTTP requests that exploit the system, leading to potential remote code execution. The specific overflow occurs via the 'band' parameter in the 'httpd' binary of the device. An attacker must be authenticated to trigger this vulnerability, which exploits the software version of EAP225 V3 and the EAP115. Proper mitigation measures are essential for securing affected devices.",Tp-link,"Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),N300 Wireless Access Point (eap115)",7.2,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-04-09T14:12:46.602Z,0
CVE-2023-49910,https://securityvulnerability.io/vulnerability/CVE-2023-49910,Buffer Overflow Vulnerability in Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3),"A stack-based buffer overflow vulnerability is present in the Radio Scheduling functionality of Tp-Link's AC1350 Wireless MU-MIMO Gigabit Access Point. This vulnerability can be exploited through specially crafted HTTP requests that an authenticated attacker can send to the device. The overflow occurs via the `ssid` parameter within the `httpd` binary, which is part of specific firmware versions. If successfully exploited, this vulnerability allows for remote code execution, potentially allowing attackers to compromise the affected system.",Tp-link,"Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),N300 Wireless Access Point (eap115)",7.2,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-04-09T14:12:46.510Z,0
CVE-2023-49909,https://securityvulnerability.io/vulnerability/CVE-2023-49909,Buffer Overflow Vulnerability in Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3),"A stack-based buffer overflow vulnerability affects the Radio Scheduling feature of the Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (specifically EAP225 V3 v5.1.0 Build 20220926). This vulnerability allows an attacker to exploit a specially crafted series of HTTP requests to achieve remote code execution. The overflow occurs due to improper handling of the `action` parameter in the `httpd_portal` binary, particularly at offset `0x0045ab38`. Successful exploitation requires authenticated access, posing significant risks if exploited maliciously.",Tp-link,"Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),N300 Wireless Access Point (eap115)",7.2,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-04-09T14:12:46.395Z,0
CVE-2023-49908,https://securityvulnerability.io/vulnerability/CVE-2023-49908,Buffer Overflow Vulnerability in Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3),"A stack-based buffer overflow vulnerability is present in the Radio Scheduling feature of the Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point. This vulnerability allows attackers to exploit the `profile` parameter through a series of specially crafted HTTP requests, leading to the potential execution of arbitrary code. The issue arises specifically in the `httpd_portal` binary associated with version v5.1.0 Build 20220926 of the EAP225. An authenticated attacker can manipulate this vulnerability to gain unauthorized control over the affected system, highlighting the need for immediate attention and patching.",Tp-link,"Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),N300 Wireless Access Point (eap115)",7.2,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-04-09T14:12:46.306Z,0
CVE-2023-49907,https://securityvulnerability.io/vulnerability/CVE-2023-49907,Buffer Overflow Vulnerability in Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3),"A stack-based buffer overflow vulnerability has been identified in the Radio Scheduling functionality of the web interface for Tp-Link's AC1350 Wireless MU-MIMO Gigabit Access Point, specifically the EAP225 V3 model running v5.1.0 Build 20220926. This vulnerability can be exploited by sending a specially crafted series of HTTP requests, potentially allowing an attacker to execute arbitrary code remotely. The overflow is triggered through the `band` parameter located at offset `0x0045aad8` within the `httpd_portal` binary included in the affected firmware. This security flaw emphasizes the need for users to ensure their devices are updated and configured securely.",Tp-link,"Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),N300 Wireless Access Point (eap115)",7.2,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-04-09T14:12:46.207Z,0
CVE-2023-49906,https://securityvulnerability.io/vulnerability/CVE-2023-49906,Buffer Overflow Vulnerability in Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3),"A stack-based buffer overflow vulnerability is present in the web interface's Radio Scheduling feature of the Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point. Specifically, this vulnerability affects the EAP225 V3, version v5.1.0 Build 20220926. By sending a specially crafted series of HTTP requests that exploit the overflow in the `ssid` parameter, an attacker can achieve remote code execution. This flaw allows unauthorized control over the device by making authenticated HTTP requests that manipulate the `httpd_portal` binary at a specific offset. Immediate attention to this vulnerability is essential to protect against potential exploitation.",Tp-link,"Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3),N300 Wireless Access Point (eap115)",7.2,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-04-09T14:12:46.099Z,0