VYPR

TL-WR849N

by TP-Link

CVEs (2)

  • CVE-2020-9374Feb 24, 2020
    risk 0.10cvss epss 0.42

    On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.

  • CVE-2019-19143Jan 27, 2020
    risk 0.03cvss epss 0.04

    TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI.