cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2022-29402,https://securityvulnerability.io/vulnerability/CVE-2022-29402,,TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without authentication.,Tp-link,Tl-wr840n Firmware,6.8,MEDIUM,0.0009699999936856329,false,false,false,false,,false,false,2022-05-25T17:24:29.000Z,0 CVE-2021-46122,https://securityvulnerability.io/vulnerability/CVE-2021-46122,,Tp-Link TL-WR840N (EU) v6.20 Firmware (0.9.1 4.17 v0001.0 Build 201124 Rel.64328n) is vulnerable to Buffer Overflow via the Password reset feature.,Tp-link,Tl-wr840n Firmware,7.2,HIGH,0.0006900000153109431,false,false,false,false,,false,false,2022-04-18T15:27:20.000Z,0 CVE-2022-26640,https://securityvulnerability.io/vulnerability/CVE-2022-26640,,TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter.,Tp-link,Tl-wr840n Firmware,7.2,HIGH,0.0006900000153109431,false,false,false,false,,false,false,2022-03-28T23:15:00.000Z,0 CVE-2022-26642,https://securityvulnerability.io/vulnerability/CVE-2022-26642,,TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter.,Tp-link,Tl-wr840n Firmware,7.2,HIGH,0.0006900000153109431,false,false,false,false,,false,false,2022-03-28T23:15:00.000Z,0 CVE-2022-26641,https://securityvulnerability.io/vulnerability/CVE-2022-26641,,TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter.,Tp-link,Tl-wr840n Firmware,7.2,HIGH,0.0006900000153109431,false,false,false,false,,false,false,2022-03-28T23:15:00.000Z,0 CVE-2022-26639,https://securityvulnerability.io/vulnerability/CVE-2022-26639,,TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter.,Tp-link,Tl-wr840n Firmware,7.2,HIGH,0.0006900000153109431,false,false,false,false,,false,false,2022-03-28T23:15:00.000Z,0 CVE-2022-25061,https://securityvulnerability.io/vulnerability/CVE-2022-25061,,TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute.,Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.15573999285697937,false,false,false,true,true,false,false,2022-02-25T19:39:02.000Z,0 CVE-2022-25064,https://securityvulnerability.io/vulnerability/CVE-2022-25064,,TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr.,Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.043549999594688416,false,false,false,true,true,false,false,2022-02-25T19:38:59.000Z,0 CVE-2022-25062,https://securityvulnerability.io/vulnerability/CVE-2022-25062,,TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.,Tp-link,Tl-wr840n Firmware,7.5,HIGH,0.04966000095009804,false,false,false,true,true,false,false,2022-02-25T19:38:58.000Z,0 CVE-2022-25060,https://securityvulnerability.io/vulnerability/CVE-2022-25060,,TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing.,Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.15573999285697937,false,false,false,true,true,false,false,2022-02-25T19:38:56.000Z,0 CVE-2021-41653,https://securityvulnerability.io/vulnerability/CVE-2021-41653,,The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.,Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.9401900172233582,false,false,false,true,true,false,false,2021-11-13T14:18:52.000Z,0 CVE-2021-29280,https://securityvulnerability.io/vulnerability/CVE-2021-29280,,In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer overflow,Tp-link,Tl-wr840n Firmware,6.4,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2021-08-19T15:31:55.000Z,0 CVE-2020-36178,https://securityvulnerability.io/vulnerability/CVE-2020-36178,,oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not the only function that calls util_execSystem.,Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.2483000010251999,false,false,false,false,,false,false,2021-01-06T20:57:57.000Z,0 CVE-2019-15060,https://securityvulnerability.io/vulnerability/CVE-2019-15060,,The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field.,Tp-link,Tl-wr840n Firmware,8.8,HIGH,0.00535999983549118,false,false,false,false,,false,false,2019-08-22T18:56:43.000Z,0 CVE-2019-12195,https://securityvulnerability.io/vulnerability/CVE-2019-12195,,"TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was disconnected. All the users become disconnected from the internet.",Tp-link,Tl-wr840n Firmware,4.8,MEDIUM,0.0006900000153109431,false,false,false,false,,false,false,2019-05-24T15:24:45.000Z,0 CVE-2018-15840,https://securityvulnerability.io/vulnerability/CVE-2018-15840,,"TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated by an ""nmap -f"" command.",Tp-link,Tl-wr840n Firmware,7.5,HIGH,0.002309999894350767,false,false,false,false,,false,false,2019-03-29T17:09:43.000Z,0 CVE-2018-15172,https://securityvulnerability.io/vulnerability/CVE-2018-15172,,TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.,Tp-link,Tl-wr840n Firmware,7.5,HIGH,0.0061900001019239426,false,false,false,false,,false,false,2018-08-15T17:00:00.000Z,0 CVE-2018-11714,https://securityvulnerability.io/vulnerability/CVE-2018-11714,,"An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of ""Referer: http://192.168.0.1/mainFrame.htm"" then no authentication is required for any action.",Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.20287999510765076,false,false,false,false,,false,false,2018-06-04T14:29:00.000Z,0 CVE-2014-9510,https://securityvulnerability.io/vulnerability/CVE-2014-9510,,Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import.,Tp-link,Tl-wr840n Firmware,,,0.0016599999507889152,false,false,false,false,,false,false,2015-01-09T18:00:00.000Z,0