cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-29402,https://securityvulnerability.io/vulnerability/CVE-2022-29402,Insecure UART Console Access in TP-Link Router,"The TP-Link TL-WR840N EU v6.20 has a significant vulnerability due to inadequate protections on its UART console. This loophole enables attackers to gain unauthorized access to the UART port through a serial connection. By exploiting this flaw, intruders can execute commands as the root user without any form of authentication, posing a severe risk to network security and device integrity.",Tp-link,Tl-wr840n Firmware,6.8,MEDIUM,0.0010900000343099236,false,,false,false,false,,,false,false,,2022-05-25T17:24:29.000Z,0
CVE-2021-46122,https://securityvulnerability.io/vulnerability/CVE-2021-46122,Buffer Overflow Vulnerability in Tp-Link TL-WR840N Router Firmware,"The TP-Link TL-WR840N (EU) v6.20 Router Firmware is susceptible to a buffer overflow vulnerability triggered through the password reset functionality. This flaw can potentially allow attackers to manipulate memory, leading to unauthorized access or remote code execution. Users are advised to update to the latest firmware and review security configurations to mitigate risks associated with this vulnerability.",Tp-link,Tl-wr840n Firmware,7.2,HIGH,0.0006900000153109431,false,,false,false,false,,,false,false,,2022-04-18T15:27:20.000Z,0
CVE-2022-26641,https://securityvulnerability.io/vulnerability/CVE-2022-26641,Buffer Overflow Vulnerability in TP-LINK TL-WR840N Router,"The TP-LINK TL-WR840N(ES)_V6.20 router has been found to have a buffer overflow vulnerability caused by improper handling of the httpRemotePort parameter. This issue could potentially allow unauthorized access and manipulation of the router's settings, posing a significant risk to network integrity and personal data security. Users are advised to review their configurations and apply any relevant security patches to mitigate potential threats.",Tp-link,Tl-wr840n Firmware,7.2,HIGH,0.0006699999794363976,false,,false,false,false,,,false,false,,2022-03-28T23:15:00.000Z,0
CVE-2022-26639,https://securityvulnerability.io/vulnerability/CVE-2022-26639,Buffer Overflow Vulnerability in TP-LINK TL-WR840N Router,"The TP-LINK TL-WR840N(ES)_V6.20 router is susceptible to a buffer overflow vulnerability that can be exploited through the DNSServers parameter. An attacker could leverage this weakness to execute arbitrary code or cause a denial of service, compromising the device’s integrity and availability. Proper network security measures and regular updates are crucial to mitigate this risk.",Tp-link,Tl-wr840n Firmware,7.2,HIGH,0.0006699999794363976,false,,false,false,false,,,false,false,,2022-03-28T23:15:00.000Z,0
CVE-2022-26640,https://securityvulnerability.io/vulnerability/CVE-2022-26640,Buffer Overflow Vulnerability in TP-LINK TL-WR840N Router,"The TP-LINK TL-WR840N(ES)_V6.20 has been identified to have a buffer overflow vulnerability caused by improper handling of the minAddress parameter. This flaw can potentially allow an attacker to execute arbitrary code, leading to unauthorized access and control over the device. Users of this router model should take immediate action to mitigate any security risks associated with this vulnerability.",Tp-link,Tl-wr840n Firmware,7.2,HIGH,0.0006699999794363976,false,,false,false,false,,,false,false,,2022-03-28T23:15:00.000Z,0
CVE-2022-26642,https://securityvulnerability.io/vulnerability/CVE-2022-26642,Buffer Overflow Vulnerability in TP-LINK TL-WR840N Router,"The TP-LINK TL-WR840N(ES)_V6.20 router has been identified to have a buffer overflow vulnerability associated with the X_TP_ClonedMACAddress parameter. This flaw may allow an attacker to send specially crafted inputs that exceed the buffer's capacity, potentially resulting in arbitrary code execution or denial of service. Users of this router model should be aware of the implications of this vulnerability and consider implementing appropriate security measures to protect their network.",Tp-link,Tl-wr840n Firmware,7.2,HIGH,0.0006699999794363976,false,,false,false,false,,,false,false,,2022-03-28T23:15:00.000Z,0
CVE-2022-25061,https://securityvulnerability.io/vulnerability/CVE-2022-25061,Command Injection Vulnerability in TP-LINK's TL-WR840N Router,"A command injection vulnerability has been identified in TP-LINK's TL-WR840N router model. This vulnerability allows an attacker to exploit the device using the component oal_setIp6DefaultRoute, potentially compromising the device's functionality and security. Users are advised to review their router configurations and apply necessary security measures to mitigate this risk.",Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.2049199938774109,false,,false,false,true,2022-02-25T21:18:11.000Z,true,false,false,,2022-02-25T19:39:02.000Z,0
CVE-2022-25064,https://securityvulnerability.io/vulnerability/CVE-2022-25064,Remote Code Execution in TP-LINK TL-WR840N Router,The TP-LINK TL-WR840N router was found to be susceptible to a remote code execution vulnerability through the oal_wan6_setIpAddr function. This flaw allows an attacker to execute arbitrary code on the router by sending specially crafted payloads via IPv6 address input fields. Prompt mitigation is recommended to prevent potential unauthorized access and exploitation of the device.,Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.04583999887108803,false,,false,false,true,2022-03-01T15:10:20.000Z,true,false,false,,2022-02-25T19:38:59.000Z,0
CVE-2022-25062,https://securityvulnerability.io/vulnerability/CVE-2022-25062,Integer Overflow Vulnerability in TP-LINK TL-WR840N Router,"A vulnerability exists in the TP-LINK TL-WR840N router that allows an attacker to exploit an integer overflow through the function dm_checkString. By sending a specially crafted HTTP request, an attacker could trigger a Denial of Service (DoS), rendering the device unresponsive. This issue highlights the need for securing routers against potential threats that could disrupt service availability.",Tp-link,Tl-wr840n Firmware,7.5,HIGH,0.04966000095009804,false,,false,false,true,2022-02-25T22:04:41.000Z,true,false,false,,2022-02-25T19:38:58.000Z,0
CVE-2022-25060,https://securityvulnerability.io/vulnerability/CVE-2022-25060,Command Injection Vulnerability in TP-LINK TL-WR840N Router,"The TP-LINK TL-WR840N router is susceptible to a command injection vulnerability through the component oal_startPing. This flaw allows an attacker to execute arbitrary commands on the affected device, potentially compromising network security. Users of the TL-WR840N(ES)_V6.20_180709 version should take immediate steps to mitigate risks associated with this vulnerability.",Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.2049199938774109,false,,false,false,true,2022-02-25T21:42:01.000Z,true,false,false,,2022-02-25T19:38:56.000Z,0
CVE-2021-41653,https://securityvulnerability.io/vulnerability/CVE-2021-41653,Remote Code Execution Vulnerability in TP-Link Router,"The PING function on the TP-Link TL-WR840N EU v5 router is susceptible to a remote code execution vulnerability. This flaw allows attackers to send a crafted payload through the IP address input field, potentially leading to unauthorized access and control over the device. Users are advised to update their firmware to mitigate risks.",Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.9188500046730042,false,,false,false,true,2021-11-29T06:39:43.000Z,true,false,false,,2021-11-13T14:18:52.000Z,0
CVE-2021-29280,https://securityvulnerability.io/vulnerability/CVE-2021-29280,Buffer Overflow Vulnerability in TP-Link Wireless N Router WR840N,"The TP-Link Wireless N Router WR840N is susceptible to an ARP poisoning attack, which can lead to a buffer overflow. This vulnerability enables attackers to manipulate ARP responses, potentially allowing them to divert traffic or gain unauthorized access to the network. When exploited, the vulnerability could result in disruption of services or compromise of sensitive information transmitted over the network.",Tp-link,Tl-wr840n Firmware,6.4,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2021-08-19T15:31:55.000Z,0
CVE-2020-36178,https://securityvulnerability.io/vulnerability/CVE-2020-36178,OS Command Injection Vulnerability in TP-Link TL-WR840N Router,"The TP-Link TL-WR840N 6_EU_0.9.1_4.16 is susceptible to an OS command injection flaw due to improper handling of user input from its web interface. Specifically, the function oal_ipt_addBridgeIsolationRules allows raw strings, such as those entered in an IP address field, to be directly executed within a system library call, leading to potential misuse. Such vulnerabilities can provide attackers with the ability to execute arbitrary commands on the affected device, creating significant security risks.",Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.2483000010251999,false,,false,false,false,,,false,false,,2021-01-06T20:57:57.000Z,0
CVE-2019-15060,https://securityvulnerability.io/vulnerability/CVE-2019-15060,Remote Code Execution Vulnerability in TP-Link TL-WR840N Router,"The traceroute functionality in the TP-Link TL-WR840N v4 router is susceptible to a serious vulnerability that allows an attacker to execute arbitrary code remotely. This is achieved by sending a specially crafted payload within the IP address input field, which can compromise the router's security. Users of this device are advised to review their firmware version and apply necessary security updates to mitigate potential exploitation.",Tp-link,Tl-wr840n Firmware,8.8,HIGH,0.00535999983549118,false,,false,false,false,,,false,false,,2019-08-22T18:56:43.000Z,0
CVE-2019-12195,https://securityvulnerability.io/vulnerability/CVE-2019-12195,Cross-Site Scripting Vulnerability in TP-Link TL-WR840N Router,"The TP-Link TL-WR840N v5 00000005 router is susceptible to a Cross-Site Scripting (XSS) vulnerability that allows attackers to manipulate the network name to execute malicious payloads. This may lead to disruption of internet connectivity, as all users connected to the router could be forcibly disconnected. An attacker must first compromise the router's login credentials and gain access to the administrative interface to exploit this vulnerability, highlighting significant security concerns for users of this device.",Tp-link,Tl-wr840n Firmware,4.8,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2019-05-24T15:24:45.000Z,0
CVE-2018-15840,https://securityvulnerability.io/vulnerability/CVE-2018-15840,Denial of Service Vulnerability in TP-Link TL-WR840N Wireless Router,"The TP-Link TL-WR840N wireless router is susceptible to a Denial of Service (DoS) attack due to its handling of fragmented packets. Attackers can exploit this vulnerability by sending specially crafted packets to the device, which may result in a significant disruption of network services. This exploit can be executed remotely, allowing malicious actors to incapacitate the router by utilizing commands such as 'nmap -f'. As a result, users might experience a complete networking outage, severely impacting connectivity and performance.",Tp-link,Tl-wr840n Firmware,7.5,HIGH,0.0022799998987466097,false,,false,false,false,,,false,false,,2019-03-29T17:09:43.000Z,0
CVE-2018-15172,https://securityvulnerability.io/vulnerability/CVE-2018-15172,,TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.,Tp-link,Tl-wr840n Firmware,7.5,HIGH,0.0061900001019239426,false,,false,false,false,,,false,false,,2018-08-15T17:00:00.000Z,0
CVE-2018-11714,https://securityvulnerability.io/vulnerability/CVE-2018-11714,,"An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of ""Referer: http://192.168.0.1/mainFrame.htm"" then no authentication is required for any action.",Tp-link,Tl-wr840n Firmware,9.8,CRITICAL,0.20287999510765076,false,,false,false,false,,,false,false,,2018-06-04T14:29:00.000Z,0
CVE-2014-9510,https://securityvulnerability.io/vulnerability/CVE-2014-9510,,Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import.,Tp-link,Tl-wr840n Firmware,,,0.0016599999507889152,false,,false,false,false,,,false,false,,2015-01-09T18:00:00.000Z,0