Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-35575 | 1 Tp-link | 54 Archer C5, Archer C5 Firmware, Archer C7 and 51 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices. | |||||
CVE-2018-18489 | 1 Tp-link | 2 Wr840n, Wr840n Firmware | 2024-02-04 | 6.8 MEDIUM | 4.9 MEDIUM |
The ping feature in the Diagnostic functionality on TP-LINK WR840N v2 Firmware 3.16.9 Build 150701 Rel.51516n devices allows remote attackers to cause a denial of service (HTTP service termination) by modifying the packet size to be higher than the UI limit of 1472. |