cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-39747,https://securityvulnerability.io/vulnerability/CVE-2023-39747,Buffer Overflow Vulnerability in TP-Link Wireless Routers,"A buffer overflow vulnerability has been identified in certain TP-Link wireless routers, including models WR841N V8, TL-WR940N V2, and TL-WR941ND V5. This vulnerability occurs in the 'radiusSecret' parameter on the /userRpm/WlanSecurityRpm endpoint. An attacker can exploit this flaw to potentially execute arbitrary code, leading to unauthorized access and compromises in device integrity. Users are advised to apply the latest firmware updates and enhance their network security configurations to mitigate these risks.",Tp-link,Tl-wr940n V2 Firmware,9.8,CRITICAL,0.000750000006519258,false,false,false,false,,false,false,2023-08-21T03:15:00.000Z,0
CVE-2023-39745,https://securityvulnerability.io/vulnerability/CVE-2023-39745,Buffer Overflow Vulnerability in TP-Link Wireless Routers,"A buffer overflow vulnerability exists in TP-Link TL-WR940N V2, TL-WR941ND V5, and TL-WR841N V8 routers. This vulnerability occurs via the component /userRpm/AccessCtrlAccessRulesRpm, allowing attackers who send a specially crafted GET request to the affected devices to achieve a Denial of Service (DoS). The flaw enables potential disruption of service, affecting availability for users and posing a security risk to network environments.",Tp-link,Tl-wr940n V2 Firmware,7.5,HIGH,0.0005200000014156103,false,false,false,false,,false,false,2023-08-21T03:15:00.000Z,0
CVE-2023-36357,https://securityvulnerability.io/vulnerability/CVE-2023-36357,Denial of Service Vulnerability in TP-Link Routers,"A security flaw in the /userRpm/LocalManageControlRpm component of several TP-Link router models allows attackers to exploit the system through specially crafted GET requests, resulting in a Denial of Service attack. This vulnerability can disrupt the normal operation of affected devices, making them unavailable to legitimate users.",Tp-link,Tl-wr940n Firmware,7.7,HIGH,0.0005600000149570405,false,false,false,false,,false,false,2023-06-22T00:00:00.000Z,0
CVE-2023-36359,https://securityvulnerability.io/vulnerability/CVE-2023-36359,Buffer Overflow Vulnerability in TP-Link Wireless Routers,"A buffer overflow vulnerability has been identified in TP-Link’s wireless routers, including models TL-WR940N and TL-WR841N. Specifically, the issue arises in the component /userRpm/QoSRuleListRpm, allowing attackers to exploit this flaw by sending specially crafted GET requests. Successful exploitation can lead to a Denial of Service (DoS), potentially rendering the affected devices inoperable. Users are advised to apply security patches released by TP-Link to mitigate this risk.",Tp-link,Tl-wr940n Firmware,7.5,HIGH,0.0009899999713525176,false,false,false,false,,false,false,2023-06-22T00:00:00.000Z,0
CVE-2023-36354,https://securityvulnerability.io/vulnerability/CVE-2023-36354,Buffer Overflow in TP-Link Routers Exposing User Access Control,"Several TP-Link router models have been found to contain a buffer overflow vulnerability in the /userRpm/AccessCtrlTimeSchedRpm component. This weakness allows attackers to craft specific GET requests that can lead to a Denial of Service (DoS), potentially disrupting network access and performance for legitimate users. Home and small office users of affected TP-Link devices should ensure that their firmware is up to date to mitigate the risk.",Tp-link,Tl-wr940n Firmware,7.5,HIGH,0.0006799999973736703,false,false,false,false,,false,false,2023-06-22T00:00:00.000Z,0
CVE-2023-36358,https://securityvulnerability.io/vulnerability/CVE-2023-36358,Buffer Overflow Vulnerability in TP-Link Routers,"Multiple TP-Link router models have been identified to have a buffer overflow vulnerability in the /userRpm/AccessCtrlAccessTargetsRpm component. Attackers can exploit this vulnerability by sending specially crafted GET requests, potentially resulting in a Denial of Service (DoS). This issue underscores the importance of securing IoT devices and regularly updating firmware to mitigate risks.",Tp-link,Tl-wr940n Firmware,7.7,HIGH,0.0006000000284984708,false,false,false,false,,false,false,2023-06-22T00:00:00.000Z,0
CVE-2023-36355,https://securityvulnerability.io/vulnerability/CVE-2023-36355,Buffer Overflow Vulnerability in TP-Link TL-WR940N V4 Router,"A buffer overflow vulnerability has been identified in the TP-Link TL-WR940N V4 wireless router. This issue is triggered through the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm, where an attacker can exploit it through a specially crafted GET request. Successfully executing this attack can lead to a Denial of Service condition, rendering the device unresponsive. It is crucial for users to apply the latest firmware updates to mitigate this risk and secure their network.",Tp-link,Tl-wr940n Firmware,9.9,CRITICAL,0.003700000001117587,false,false,false,false,,false,false,2023-06-22T00:00:00.000Z,0
CVE-2023-36356,https://securityvulnerability.io/vulnerability/CVE-2023-36356,Buffer Read Out-of-Bounds in TP-Link Routers,"Multiple TP-Link router models, including TL-WR940N and TL-WR841N, contain a buffer read out-of-bounds vulnerability in the /userRpm/VirtualServerRpm component. This flaw can be exploited by attackers through specially crafted GET requests, potentially leading to a Denial of Service (DoS) condition, impacting the availability of the affected devices. Users should ensure their firmware is updated to mitigate potential risks associated with this vulnerability.",Tp-link,Tl-wr940n Firmware,7.7,HIGH,0.0005600000149570405,false,false,false,false,,false,false,2023-06-22T00:00:00.000Z,0
CVE-2023-33536,https://securityvulnerability.io/vulnerability/CVE-2023-33536,Buffer Overflow Vulnerability in TP-Link Routers,"A buffer overflow vulnerability has been identified in specific TP-Link router models, namely TL-WR940N, TL-WR841N, and TL-WR740N. This vulnerability is found in the component responsible for WLAN MAC filtering, located at /userRpm/WlanMacFilterRpm. Exploiting this flaw may allow an attacker to execute arbitrary code or alter the router's behavior, potentially compromising the confidentiality and integrity of network traffic. It is crucial for users of these devices to apply mitigations or updates provided by TP-Link to ensure the security and stability of their network environments.",Tp-link,Tl-wr940n Firmware,8.1,HIGH,0.0007699999841861427,false,false,false,false,,false,false,2023-06-07T04:15:00.000Z,0
CVE-2023-33537,https://securityvulnerability.io/vulnerability/CVE-2023-33537,"Buffer Overflow in TP-Link Routers TL-WR940N, TL-WR841N, and TL-WR740N","A buffer overflow vulnerability has been identified in multiple TP-Link router models, including TL-WR940N, TL-WR841N, and TL-WR740N. This issue arises within the /userRpm/FixMapCfgRpm component, potentially allowing an attacker to execute arbitrary code or cause a denial of service. Users of the affected models should take immediate action to mitigate this risk by applying the latest firmware updates provided by TP-Link and following security best practices to secure their networks.",Tp-link,Tl-wr940n Firmware,8.1,HIGH,0.0007699999841861427,false,false,false,false,,false,false,2023-06-07T04:15:00.000Z,0
CVE-2023-33538,https://securityvulnerability.io/vulnerability/CVE-2023-33538,Command Injection Vulnerability in TP-Link Routers,"Recent findings indicate a command injection vulnerability present in specific TP-Link router models, including TL-WR940N, TL-WR841N, and TL-WR740N. This vulnerability arises from improper handling of requests via the component /userRpm/WlanNetworkRpm, which could allow attackers to execute arbitrary commands on the device. Users of these routers should apply the latest firmware updates and follow best practices for securing their network environments to mitigate potential risks.",Tp-link,Tl-wr940n Firmware,8.8,HIGH,0.0013200000394135714,false,false,false,false,,false,false,2023-06-07T04:15:00.000Z,0
CVE-2023-23040,https://securityvulnerability.io/vulnerability/CVE-2023-23040,Weak MD5 Hashing Vulnerability in TP-Link Router TL-WR940N,"The TP-Link TL-WR940N V6 3.19.1 Build 180119 router employs a deprecated MD5 hashing algorithm for the admin password used in basic authentication. This weak hashing technique renders the password susceptible to brute-force attacks, endangering the router's security. Users of this device should be aware of the potential risks and consider updating their firmware or adopting stronger security measures.",Tp-link,Tl-wr940n Firmware,7.5,HIGH,0.004089999943971634,false,false,false,false,,false,false,2023-02-22T00:00:00.000Z,0
CVE-2022-46139,https://securityvulnerability.io/vulnerability/CVE-2022-46139,,TP-Link TL-WR940N V4 3.16.9 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.,Tp-link,Tl-wr940n V4 Firmware,6.5,MEDIUM,0.0008900000248104334,false,false,false,false,,false,false,2022-12-20T00:00:00.000Z,0
CVE-2019-6989,https://securityvulnerability.io/vulnerability/CVE-2019-6989,,"TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges.",Tp-link,Tl-wr940n Firmware,8.8,HIGH,0.054510001093149185,false,false,false,false,,false,false,2019-06-06T17:24:50.000Z,0