cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-28857,https://securityvulnerability.io/vulnerability/CVE-2021-28857,Cleartext Credential Transmission in TP-Link's TL-WPA4220,"The TP-Link TL-WPA4220 device has a significant security flaw where sensitive login information, including usernames and passwords, are transmitted in cleartext within HTTP cookies. This vulnerability exposes users to potential unauthorized access and attacks, as attackers could easily intercept the cookies to obtain credentials without any encryption or security measures in place.",Tp-link,Tl-WPa4220 Firmware,7.5,HIGH,0.00394000019878149,false,,false,false,false,,,false,false,,2021-06-15T21:51:56.000Z,0
CVE-2021-28858,https://securityvulnerability.io/vulnerability/CVE-2021-28858,Cleartext Transmission Vulnerability in TP-Link TL-WPA4220,"The TP-Link TL-WPA4220 device, specifically version 4.0.2 Build 20180308 Rel.37064, is susceptible to a vulnerability due to its failure to implement SSL encryption by default. This weakness allows an attacker on the same local network to intercept and monitor unencrypted traffic, potentially gaining access to cookies and other sensitive user data. As a result, the integrity and confidentiality of communications are compromised, posing significant security risks for users.",Tp-link,Tl-WPa4220 Firmware,5.5,MEDIUM,0.0004799999878741801,false,,false,false,false,,,false,false,,2021-06-15T21:51:50.000Z,0
CVE-2020-24297,https://securityvulnerability.io/vulnerability/CVE-2020-24297,Remote Code Execution Vulnerability in TP-Link TL-WPA4220 Devices,"The TL-WPA4220 device from TP-Link has a vulnerability due to its httpd allowing remote authenticated users to execute arbitrary operating system commands via specially crafted POST requests to the /admin/powerline endpoint. Users on versions 2 through 4 are specifically affected. The issue has been addressed in the updated TL-WPA4220(EU)_V4_201023 version, which users are strongly encouraged to upgrade to for maintaining device security.",Tp-link,Tl-WPa4220 Firmware,8.8,HIGH,0.008500000461935997,false,,false,false,false,,,false,false,,2020-11-18T15:28:48.000Z,0
CVE-2020-28005,https://securityvulnerability.io/vulnerability/CVE-2020-28005,Buffer Overflow Vulnerability in TP-Link TL-WPA4220 Devices,"The TP-Link TL-WPA4220 devices with hardware versions 2 through 4 are susceptible to a buffer overflow vulnerability in the httpd service. This flaw allows remote authenticated users to execute a crafted POST request to the /admin/syslog endpoint, potentially leading to a denial of service condition. Users are advised to update to the fixed version TL-WPA4220(EU)_V4_201023 to mitigate the risks associated with this vulnerability.",Tp-link,Tl-WPa4220 Firmware,6.5,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2020-11-18T15:27:33.000Z,0