TL-WR1043ND
by TP-Link
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-6971 | 0.04 | — | 0.14 | Jun 19, 2019 | An issue was discovered on TP-Link TL-WR1043ND V2 devices. An attacker can send a cookie in an HTTP authentication packet to the router management web interface, and fully control the router without knowledge of the credentials. | |||
| CVE-2018-16119 | 0.03 | — | 0.34 | Jun 20, 2019 | Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm. | |||
| CVE-2022-46428 | 0.00 | — | 0.00 | Dec 20, 2022 | TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process. | |||
| CVE-2013-2646 | 0.00 | — | 0.01 | Feb 3, 2020 | TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability. | |||
| CVE-2019-6972 | 0.00 | — | 0.01 | Jun 19, 2019 | An issue was discovered on TP-Link TL-WR1043ND V2 devices. The credentials can be easily decoded and cracked by brute-force, WordList, or Rainbow Table attacks. Specifically, credentials in the "Authorization" cookie are encoded with URL encoding and base64, leading to easy… |
- CVE-2019-6971Jun 19, 2019risk 0.04cvss —epss 0.14
An issue was discovered on TP-Link TL-WR1043ND V2 devices. An attacker can send a cookie in an HTTP authentication packet to the router management web interface, and fully control the router without knowledge of the credentials.
- CVE-2018-16119Jun 20, 2019risk 0.03cvss —epss 0.34
Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm.
- CVE-2022-46428Dec 20, 2022risk 0.00cvss —epss 0.00
TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.
- CVE-2013-2646Feb 3, 2020risk 0.00cvss —epss 0.01
TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability.
- CVE-2019-6972Jun 19, 2019risk 0.00cvss —epss 0.01
An issue was discovered on TP-Link TL-WR1043ND V2 devices. The credentials can be easily decoded and cracked by brute-force, WordList, or Rainbow Table attacks. Specifically, credentials in the "Authorization" cookie are encoded with URL encoding and base64, leading to easy…