Unrated severityNVD Advisory· Published Jun 23, 2020· Updated Aug 4, 2024
CVE-2020-14965
CVE-2020-14965
Description
On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and stations in the access-control settings via targets_lists_name or hosts_lists_name. The vulnerability can also be exploited through a CSRF, requiring no authentication as an administrator.
Affected products
2- TP-Link/TL-WR740N v4description
- Range: v4
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.