VYPR

TL-WR886N

by TP-Link

CVEs (41)

  • CVE-2021-44626CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.02

    A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reg_verify_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request.

  • CVE-2021-44625CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.02

    A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in /cloud_config/cloud_device/info interface, which allows a malicious user to executee arbitrary code on the system via a crafted post request.

  • CVE-2021-44623CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.02

    A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 via the /cloud_config/router_post/check_reset_pwd_verify_code interface.

  • CVE-2021-44622CriMar 10, 2022
    risk 0.64cvss 9.8epss 0.02

    A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/check_reg_verify_code function which could let a remove malicious user execute arbitrary code via a crafted post request.

  • CVE-2018-19528CriNov 26, 2018
    risk 0.64cvss 9.8epss 0.03

    TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp.

  • CVE-2021-44864MedFeb 8, 2022
    risk 0.43cvss 6.5epss 0.10

    TP-Link WR886N 3.0 1.0.1 Build 150127 Rel.34123n is vulnerable to Buffer Overflow. Authenticated attackers can crash router httpd services via /userRpm/PingIframeRpm.htm request which contains redundant & in parameter.

  • CVE-2018-17018MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for time_switch name.

  • CVE-2018-17017MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for dhcpd udhcpd enable.

  • CVE-2018-17016MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for reboot_timer name.

  • CVE-2018-17015MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for ddns phddns username.

  • CVE-2018-17014MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for ip_mac_bind name.

  • CVE-2018-17013MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for protocol wan wan_rate.

  • CVE-2018-17012MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hosts_info set_block_flag up_limit.

  • CVE-2018-17011MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hosts_info para sun.

  • CVE-2018-17010MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_host_2g bandwidth.

  • CVE-2018-17009MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_host_2g isolate.

  • CVE-2018-17008MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_host_2g power.

  • CVE-2018-17007MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlan_wds_2g ssid.

  • CVE-2018-17006MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for firewall lan_manage mac2.

  • CVE-2018-17005MedSep 13, 2018
    risk 0.42cvss 6.5epss 0.01

    An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for firewall dmz enable.