cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-42232,https://securityvulnerability.io/vulnerability/CVE-2021-42232,Command Injection Vulnerability in TP-Link Archer A7 Router,"The TP-Link Archer A7 router is vulnerable to a command injection flaw located in the /usr/bin/tddp component. This vulnerability arises from the router's improper handling of incoming data packets, allowing an attacker to manipulate data sent to the device. As a result, the attacker could execute arbitrary commands on the router, potentially compromising the security and functionality of the device. Users of the Archer A7 should ensure their firmware is up to date to mitigate this risk.",Tp-link,Archer A7 Firmware,9.8,CRITICAL,0.0033499998971819878,false,,false,false,false,,,false,false,,2022-08-23T00:41:43.000Z,0
CVE-2021-27245,https://securityvulnerability.io/vulnerability/CVE-2021-27245,Firewall Bypass in TP-Link Archer A7 Routers,"This vulnerability permits a possible firewall bypass on specific TP-Link Archer A7 routers that handle IPv6 connections improperly. The flaw arises from insufficient filtering of IPv6 SSH connections, which allows an unauthorized attacker to exploit the vulnerability without needing authentication. When combined with other security flaws, this opens a pathway for code execution with root privileges, potentially compromising the device's integrity.",Tp-link,Archer A7,8.1,HIGH,0.012849999591708183,false,,false,false,false,,,false,false,,2021-03-29T21:05:33.000Z,0
CVE-2020-5795,https://securityvulnerability.io/vulnerability/CVE-2020-5795,UNIX Symbolic Link Vulnerability in TP-Link Archer A7 Router,"A vulnerability in the TP-Link Archer A7 router permits an authenticated admin user with physical and network access to execute arbitrary code. This occurs when a crafted USB drive is plugged into the device, exploiting the symlink functionality inherent in UNIX-like systems. The risk emphasizes the importance of securing physical access to network devices to mitigate potential security breaches.",Tp-link,Tp-link Archer A7 V5,6.2,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2020-11-06T14:09:38.000Z,0
CVE-2020-10888,https://securityvulnerability.io/vulnerability/CVE-2020-10888,Remote Authentication Bypass in TP-Link Archer A7 Router Firmware,"This vulnerability in TP-Link Archer A7 routers allows remote attackers to bypass authentication during the initial setup, specifically when handling SSH port forwarding requests. Due to the absence of necessary authentication, attackers can gain unauthorized access to resources typically shielded from the Wide Area Network (WAN) interface, posing a significant risk to network security. This flaw highlights the importance of robust authentication mechanisms in router configurations.",Tp-link,Archer A7,5.9,MEDIUM,0.007840000092983246,false,,false,false,false,,,false,false,,2020-03-25T19:15:26.000Z,0
CVE-2020-10887,https://securityvulnerability.io/vulnerability/CVE-2020-10887,Firewall Bypass in TP-Link Archer A7 Router Firmware,"A vulnerability has been identified in TP-Link Archer A7 routers running firmware version 190726 AC1750, allowing an attacker to bypass firewall protections through unfiltered IPv6 SSH connections. This flaw can be exploited without authentication, potentially enabling an attacker to leverage existing vulnerabilities to execute arbitrary code with root privileges. This significant security risk emphasizes the need for users to update their firmware and secure their network against unauthorized access.",Tp-link,Archer A7,8.1,HIGH,0.007699999958276749,false,,false,false,false,,,false,false,,2020-03-25T19:15:26.000Z,0
CVE-2020-10886,https://securityvulnerability.io/vulnerability/CVE-2020-10886,Remote Code Execution Vulnerability in TP-Link Archer A7 Routers,"This vulnerability enables remote attackers to execute arbitrary code on TP-Link Archer A7 routers running Firmware Ver: 190726 AC1750 without requiring authentication. The flaw resides in the tmpServer service, which operates on TCP port 20002. It arises from inadequate validation of a user-supplied string, allowing code execution in the context of the current process. Attackers can exploit this weakness to gain control over the device, posing significant security risks to users.",Tp-link,Archer A7,8.1,HIGH,0.010850000195205212,false,,false,false,false,,,false,false,,2020-03-25T19:15:25.000Z,0
CVE-2020-10885,https://securityvulnerability.io/vulnerability/CVE-2020-10885,Remote Code Execution Vulnerability in TP-Link Archer A7 Firmware,"This security flaw in the TP-Link Archer A7 Firmware allows remote attackers to execute arbitrary code due to improper validation of DNS responses. The vulnerability exists because the router does not adequately process DNS responses before performing actions, which could lead to execution of malicious code by an unauthenticated user. Attackers can exploit this issue, particularly in conjunction with other vulnerabilities, posing a significant threat to device integrity and user security.",Tp-link,Archer A7,8.1,HIGH,0.009259999729692936,false,,false,false,false,,,false,false,,2020-03-25T19:15:25.000Z,0
CVE-2020-10884,https://securityvulnerability.io/vulnerability/CVE-2020-10884,Remote Code Execution Vulnerability in TP-Link Archer A7 Router,"This vulnerability in TP-Link Archer A7 routers enables network-adjacent attackers to execute arbitrary code without authentication. The issue arises from a flaw in the tdpServer service that listens on UDP port 20002, compounded by the use of a hard-coded encryption key. Attackers can exploit this vulnerability alongside others to gain root access, posing serious risks to affected installations. For further details, refer to the Zero-Day Initiative and Packet Storm Security advisories.",Tp-link,Archer A7,8.1,HIGH,0.002469999948516488,false,,false,false,true,2020-04-07T17:57:34.000Z,true,false,false,,2020-03-25T19:15:24.000Z,0
CVE-2020-10883,https://securityvulnerability.io/vulnerability/CVE-2020-10883,Privilege Escalation Vulnerability in TP-Link Archer A7 Router Firmware,"A privilege escalation vulnerability in TP-Link Archer A7 Firmware versions allows local attackers to gain elevated permissions. This flaw arises from inadequate file system permissions, which can be exploited after the attacker has localized access to execute low-privileged code. By leveraging this vulnerability, attackers can potentially execute unauthorized actions within the system. The issue has been identified in ZDI-CAN-9651, and users are advised to apply appropriate security measures to mitigate potential threats.",Tp-link,Archer A7,5.3,MEDIUM,0.0018599999602884054,false,,false,false,true,2020-04-07T17:57:34.000Z,true,false,false,,2020-03-25T19:15:24.000Z,0
CVE-2020-10882,https://securityvulnerability.io/vulnerability/CVE-2020-10882,Remote Code Execution in TP-Link Archer A7 Firmware,"A vulnerability in the TP-Link Archer A7 router allows network-adjacent attackers to execute arbitrary code without authentication. The flaw is found in the tdpServer service, which listens on UDP port 20002. When the service processes the slave_mac parameter, it fails to properly validate user input before executing a system call, leading to serious security risks. Attackers can exploit this issue to gain root access and potentially compromise the affected system.",Tp-link,Archer A7,8.8,HIGH,0.009789999574422836,false,,false,false,true,2022-12-27T11:32:56.000Z,true,false,false,,2020-03-25T19:15:23.000Z,0
CVE-2020-10881,https://securityvulnerability.io/vulnerability/CVE-2020-10881,Remote Code Execution Vulnerability in TP-Link Archer A7 Firmware,"A vulnerability in TP-Link Archer A7 routers enables remote attackers to execute arbitrary code by exploiting the handling of DNS responses. This can occur without any authentication, allowing potential intruders to craft a malicious DNS message that causes a buffer overflow in a fixed-length, stack-based buffer. By leveraging this vulnerability, an attacker may execute code with root user privileges, posing significant security risks to users of affected firmware versions.",Tp-link,Archer A7,9.8,CRITICAL,0.008150000125169754,false,,false,false,false,,,false,false,,2020-03-25T19:15:23.000Z,0