TL-WR849N
by TP-Link
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-9374 | 0.10 | — | 0.42 | Feb 24, 2020 | On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature. | |||
| CVE-2019-19143 | 0.03 | — | 0.04 | Jan 27, 2020 | TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI. |
- CVE-2020-9374Feb 24, 2020risk 0.10cvss —epss 0.42
On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.
- CVE-2019-19143Jan 27, 2020risk 0.03cvss —epss 0.04
TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI.