cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-34832,https://securityvulnerability.io/vulnerability/CVE-2023-34832,Buffer Overflow Vulnerability in TP-Link Archer AX10 Router,"A buffer overflow vulnerability has been identified in the TP-Link Archer AX10 (EU) V1.2_230220. This security flaw, located in the function FUN_131e8 - 0x132B4, allows an attacker to execute arbitrary code on the device. Exploitation could potentially lead to unauthorized access or a complete system compromise, thereby exposing sensitive data and disrupting network integrity. Users are encouraged to review system settings and apply necessary updates to mitigate risks.",Tp-link,Archer Ax10 Firmware,9.8,CRITICAL,0.03395000100135803,false,,false,false,false,,,false,false,,2023-06-16T00:00:00.000Z,0
CVE-2022-41540,https://securityvulnerability.io/vulnerability/CVE-2022-41540,Web Application Vulnerability in TP-Link AX10 Router,"The TP-Link AX10 web application client employs hard-coded cryptographic keys for communications with the router. This flaw allows attackers to exploit man-in-the-middle scenarios, gaining the ability to intercept and access sensitive data. By executing a brute-force attack, adversaries can decipher the hard-coded sequence key, potentially compromising user information transmitted between the client and router.",Tp-link,Ax10 Firmware,5.9,MEDIUM,0.0009299999801442027,false,,false,false,true,2022-05-27T21:09:03.000Z,true,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-41541,https://securityvulnerability.io/vulnerability/CVE-2022-41541,Replay Attack Vulnerability in TP-Link AX10 Router,"The TP-Link AX10 router is susceptible to a replay attack, where attackers can exploit a previously transmitted encrypted authentication message along with a valid authentication token. This vulnerability enables unauthorized access, allowing attackers to log in to the web application as an admin user. Consequently, it poses significant risks to the device’s security. Users are encouraged to update their firmware and adopt stronger authentication measures to mitigate potential threats.",Tp-link,Ax10 Firmware,8.1,HIGH,0.007000000216066837,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-40486,https://securityvulnerability.io/vulnerability/CVE-2022-40486,Archer AX10 Router Vulnerability Allows Code Execution by Authenticated Attackers,"The TP Link Archer AX10 router firmware version 1.3.1 allows authenticated attackers to exploit a vulnerability by uploading a specially crafted backup file. This oversight enables attackers to execute arbitrary code on the device, potentially compromising its security and functionality. Users of this router model should be aware of this risk and apply necessary security updates promptly to protect their networks.",Tp-link,Archer Ax10 V1 Firmware,8.8,HIGH,0.005040000192821026,false,,false,false,false,,,false,false,,2022-09-28T12:59:46.000Z,0
CVE-2021-41451,https://securityvulnerability.io/vulnerability/CVE-2021-41451,HTTP Misconfiguration in TP-Link Archer Series Routers,"A configuration flaw in the web interface of the TP-Link Archer AX10v1 affects the handling of HTTP/1.0 and HTTP/1.1 requests. This vulnerability allows remote unauthenticated attackers to send specifically crafted HTTP requests, which may lead to receiving improperly configured HTTP/0.9 responses. Such misconfigurations can create an opportunity for cache poisoning attacks, putting user data and system integrity at risk.",Tp-link,Archer Ax10 Firmware,7.5,HIGH,0.004480000119656324,false,,false,false,false,,,false,false,,2021-12-17T14:32:24.000Z,0
CVE-2021-41450,https://securityvulnerability.io/vulnerability/CVE-2021-41450,HTTP Request Smuggling Vulnerability in TP-Link Archer AX10 Router,"A vulnerability exists in the TP-Link Archer AX10 router that allows an unauthenticated remote attacker to exploit HTTP request smuggling techniques. By sending specially crafted HTTP packets, an attacker can cause a denial-of-service (DoS) condition, halting the web application's normal operation. This vulnerability primarily affects versions of the Archer AX10 router prior to the firmware update v1_211117, leaving many devices susceptible to exploitation and unauthorized access. Users are encouraged to update their devices to the latest firmware to mitigate this risk.",Tp-link,Archer Ax10 V1 Firmware,7.5,HIGH,0.0069599999114871025,false,,false,false,false,,,false,false,,2021-12-08T15:35:00.000Z,0
CVE-2021-40288,https://securityvulnerability.io/vulnerability/CVE-2021-40288,Denial-of-Service Vulnerability in TP-Link AX10 Wireless Router,"A Denial-of-Service vulnerability exists in the TP-Link AX10 wireless router, specifically affecting its WPA2 and WPA3-SAE authentication methods. This flaw allows a remote unauthenticated attacker to disrupt the connection of an already connected wireless client by sending specially crafted spoofed authentication frames through a wireless adapter. Ensuring that your router firmware is up-to-date is crucial for mitigating this security risk.",Tp-link,Archer Ax10 Firmware,7.5,HIGH,0.0013099999632686377,false,,false,false,false,,,false,false,,2021-12-07T19:13:36.000Z,0