cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-34832,https://securityvulnerability.io/vulnerability/CVE-2023-34832,Buffer Overflow Vulnerability in TP-Link Archer AX10 Router,"A buffer overflow vulnerability has been identified in the TP-Link Archer AX10 (EU) V1.2_230220. This security flaw, located in the function FUN_131e8 - 0x132B4, allows an attacker to execute arbitrary code on the device. Exploitation could potentially lead to unauthorized access or a complete system compromise, thereby exposing sensitive data and disrupting network integrity. Users are encouraged to review system settings and apply necessary updates to mitigate risks.",Tp-link,Archer Ax10 Firmware,9.8,CRITICAL,0.03061000071465969,false,false,false,false,,false,false,2023-06-16T00:00:00.000Z,0
CVE-2022-41540,https://securityvulnerability.io/vulnerability/CVE-2022-41540,,"The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when communicating with the router. Attackers who are able to intercept the communications between the web client and router through a man-in-the-middle attack can then obtain the sequence key via a brute-force attack, and access sensitive information.",Tp-link,Ax10 Firmware,5.9,MEDIUM,0.0009299999801442027,false,false,false,true,true,false,false,2022-10-18T00:00:00.000Z,0
CVE-2022-41541,https://securityvulnerability.io/vulnerability/CVE-2022-41541,,TP-Link AX10v1 V1_211117 allows attackers to execute a replay attack by using a previously transmitted encrypted authentication message and valid authentication token. Attackers are able to login to the web application as an admin user.,Tp-link,Ax10 Firmware,8.1,HIGH,0.007000000216066837,false,false,false,false,,false,false,2022-10-18T00:00:00.000Z,0
CVE-2022-40486,https://securityvulnerability.io/vulnerability/CVE-2022-40486,,TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 57450(5553) was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file.,Tp-link,Archer Ax10 V1 Firmware,8.8,HIGH,0.005040000192821026,false,false,false,false,,false,false,2022-09-28T12:59:46.000Z,0
CVE-2021-41451,https://securityvulnerability.io/vulnerability/CVE-2021-41451,,"A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack.",Tp-link,Archer Ax10 Firmware,7.5,HIGH,0.004480000119656324,false,false,false,false,,false,false,2021-12-17T14:32:24.000Z,0
CVE-2021-41450,https://securityvulnerability.io/vulnerability/CVE-2021-41450,,An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet.,Tp-link,Archer Ax10 V1 Firmware,7.5,HIGH,0.0069599999114871025,false,false,false,false,,false,false,2021-12-08T15:35:00.000Z,0
CVE-2021-40288,https://securityvulnerability.io/vulnerability/CVE-2021-40288,,"A denial-of-service attack in WPA2, and WPA3-SAE authentication methods in TP-Link AX10v1 before V1_211014, allows a remote unauthenticated attacker to disconnect an already connected wireless client via sending with a wireless adapter specific spoofed authentication frames",Tp-link,Archer Ax10 Firmware,7.5,HIGH,0.0013099999632686377,false,false,false,false,,false,false,2021-12-07T19:13:36.000Z,0