Filtered by vendor Tp-link
Subscriptions
Total
506 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22225 | 1 Tp-link | 2 Archer Be230, Archer Be230 Firmware | 2026-03-19 | 7.2 High |
| A command injection vulnerability may be exploited after the admin's authentication in the VPN Connection Service on the Archer BE230 v1.2 and Archer AXE75 v1.0. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity, network security, and service availability. This CVE covers one of multiple distinct OS command injection issues identified across separate code paths. Although similar in nature, each instance is tracked under a unique CVE ID. This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420 and Archer AXE v1.0 < 1.5.3 Build 20260209 rel. 71108. | ||||
| CVE-2026-0630 | 1 Tp-link | 2 Archer Be230, Archer Be230 Firmware | 2026-03-19 | 8.0 High |
| An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) and Archer AXE75 v1.0 allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity, network security, and service availability. This CVE covers one of multiple distinct OS command injection issues identified across separate code paths. Although similar in nature, each instance is tracked under a unique CVE ID.This issue affects Archer BE230 v1.2 < 1.2.4 Build 20251218 rel.70420 and Archer AXE v1.0 < 1.5.3 Build 20260209 rel. 71108. | ||||
| CVE-2025-53711 | 1 Tp-link | 5 Tl-wr841n, Tl-wr841n(eu), Tl-wr841n Firmware and 2 more | 2026-03-19 | 7.5 High |
| A vulnerability has been found in TP-Link TL-WR841N v11, TL-WR842ND v2 and TL-WR494N v3. The vulnerability exists in the /userRpm/WlanNetworkRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2026-3227 | 2 Tp-link, Tp Link | 3 Tl-wr802n, Tl-wr841n, Tl-wr840n | 2026-03-17 | N/A |
| A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. In the router configuration import function allows an authenticated attacker to upload a crafted configuration file that results in execution of OS commands with root privileges during port-trigger processing. Successful exploitation allows an authenticated attacker to execute system commands with root privileges, leading to full device compromise. | ||||
| CVE-2025-62501 | 1 Tp-link | 2 Archer Ax53, Archer Ax53 Firmware | 2026-03-16 | 8.1 High |
| SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) attack. This could enable unauthorized access if captured credentials are reused.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. | ||||
| CVE-2025-9290 | 1 Tp-link | 114 Beam Bridge 5 Ur, Beam Bridge 5 Ur Firmware, Dr3220v-4g and 111 more | 2026-03-16 | 5.9 Medium |
| An authentication weakness was identified in Omada Controllers, Gateways and Access Points, controller-device adoption due to improper handling of random values. Exploitation requires advanced network positioning and allows an attacker to intercept adoption traffic and forge valid authentication through offline precomputation, potentially exposing sensitive information and compromising confidentiality. | ||||
| CVE-2025-9289 | 1 Tp-link | 10 Oc200, Oc200 Firmware, Oc220 and 7 more | 2026-03-16 | 4.7 Medium |
| A Cross-Site Scripting (XSS) vulnerability was identified in a parameter in Omada Controllers due to improper input sanitization. Exploitation requires advanced conditions, such as network positioning or emulating a trusted entity, and user interaction by an authenticated administrator. If successful, an attacker could execute arbitrary JavaScript in the administrator’s browser, potentially exposing sensitive information and compromising confidentiality. | ||||
| CVE-2026-0918 | 1 Tp-link | 7 Tapo, Tapo C220, Tapo C220 Firmware and 4 more | 2026-03-16 | 7.5 High |
| The Tapo C220 v1 and C520WS v2 cameras’ HTTP service does not safely handle POST requests containing an excessively large Content-Length header. The resulting failed memory allocation triggers a NULL pointer dereference, causing the main service process to crash. An unauthenticated attacker can repeatedly crash the service, causing temporary denial of service. The device restarts automatically, and repeated requests can keep it unavailable. | ||||
| CVE-2025-62673 | 1 Tp-link | 2 Archer Ax53, Archer Ax53 Firmware | 2026-03-16 | 8.0 High |
| Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. | ||||
| CVE-2025-62405 | 1 Tp-link | 2 Archer Ax53, Archer Ax53 Firmware | 2026-03-16 | 8.0 High |
| Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. | ||||
| CVE-2025-62404 | 1 Tp-link | 2 Archer Ax53, Archer Ax53 Firmware | 2026-03-16 | 8.0 High |
| Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. | ||||
| CVE-2025-61983 | 1 Tp-link | 2 Archer Ax53, Archer Ax53 Firmware | 2026-03-16 | 8.0 High |
| Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. | ||||
| CVE-2025-61944 | 1 Tp-link | 2 Archer Ax53, Archer Ax53 Firmware | 2026-03-16 | 8.0 High |
| Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length values.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. | ||||
| CVE-2025-59487 | 1 Tp-link | 2 Archer Ax53, Archer Ax53 Firmware | 2026-03-16 | 8.0 High |
| Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. The vulnerability arises from improper validation of a packet field whose offset is used to determine the write location in memory. By crafting a packet with a manipulated field offset, an attacker can redirect writes to arbitrary memory locations.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. | ||||
| CVE-2025-59482 | 1 Tp-link | 2 Archer Ax53, Archer Ax53 Firmware | 2026-03-16 | 8.0 High |
| Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. | ||||
| CVE-2025-58455 | 1 Tp-link | 2 Archer Ax53, Archer Ax53 Firmware | 2026-03-16 | 8.0 High |
| Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. | ||||
| CVE-2025-58077 | 1 Tp-link | 2 Archer Ax53, Archer Ax53 Firmware | 2026-03-16 | 8.0 High |
| Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted set of network packets containing an excessive number of host entries This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. | ||||
| CVE-2026-1668 | 1 Tp-link | 39 Sg2005p-pd, Sg2008, Sg2008p and 36 more | 2026-03-16 | N/A |
| The web interface on multiple Omada switches does not adequately validate certain external inputs, which may lead to out-of-bound memory access when processing crafted requests. Under specific conditions, this flaw may result in unintended command execution.<br>An unauthenticated attacker with network access to the affected interface may cause memory corruption, service instability, or information disclosure. Successful exploitation may allow remote code execution or denial-of-service. | ||||
| CVE-2026-0653 | 1 Tp-link | 3 Tapo C260, Tapo C260 Firmware, Tapo C260 V1 | 2026-03-13 | 6.5 Medium |
| On TP-Link Tapo C260 v1 and D235 v1, a guest‑level authenticated user can bypass intended access restrictions by sending crafted requests to a synchronization endpoint. This allows modification of protected device settings despite limited privileges. An attacker may change sensitive configuration parameters without authorization, resulting in unauthorized device state manipulation but not full code execution. | ||||
| CVE-2026-0651 | 1 Tp-link | 3 Tapo C260, Tapo C260 Firmware, Tapo C260 V1 | 2026-03-13 | 7.8 High |
| On TP-Link Tapo C260 v1 and D235 v1, path traversal is possible due to improper handling of specific GET request paths via https, allowing local unauthenticated probing of filesystem paths. An attacker on the local network can determine whether certain files exists on the device, with no read, write or code execution possibilities. | ||||