cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-28857,https://securityvulnerability.io/vulnerability/CVE-2021-28857,,TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie.,Tp-link,Tl-WPa4220 Firmware,7.5,HIGH,0.003220000071451068,false,false,false,false,,false,false,2021-06-15T21:51:56.000Z,0
CVE-2021-28858,https://securityvulnerability.io/vulnerability/CVE-2021-28858,,TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.,Tp-link,Tl-WPa4220 Firmware,5.5,MEDIUM,0.0004799999878741801,false,false,false,false,,false,false,2021-06-15T21:51:50.000Z,0
CVE-2020-24297,https://securityvulnerability.io/vulnerability/CVE-2020-24297,,httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Fixed version: TL-WPA4220(EU)_V4_201023,Tp-link,Tl-WPa4220 Firmware,8.8,HIGH,0.008500000461935997,false,false,false,false,,false,false,2020-11-18T15:28:48.000Z,0
CVE-2020-28005,https://securityvulnerability.io/vulnerability/CVE-2020-28005,,httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023,Tp-link,Tl-WPa4220 Firmware,6.5,MEDIUM,0.000750000006519258,false,false,false,false,,false,false,2020-11-18T15:27:33.000Z,0