VYPR

TL-R600VPN

by TP-Link

CVEs (4)

  • CVE-2018-3949Dec 1, 2018
    risk 0.02cvss epss 0.53

    An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated…

  • CVE-2018-3951Dec 1, 2018
    risk 0.01cvss epss 0.04

    An exploitable remote code execution vulnerability exists in the HTTP header-parsing function of the TP-Link TL-R600VPN HTTP Server. A specially crafted HTTP request can cause a buffer overflow, resulting in remote code execution on the device. An attacker can send an…

  • CVE-2018-3950Dec 1, 2018
    risk 0.00cvss epss 0.03

    An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. A specially crafted IP address can cause a stack overflow, resulting in remote code execution. An attacker can…

  • CVE-2018-3948Nov 30, 2018
    risk 0.00cvss epss 0.23

    An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either…