VYPR

TL-WR902AC

by TP-Link

CVEs (5)

  • CVE-2022-48194Dec 30, 2022
    risk 0.07cvss epss 0.33

    TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate.

  • CVE-2023-50225May 3, 2024
    risk 0.00cvss epss 0.01

    TP-Link TL-WR902AC dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR902AC routers. Authentication is required to exploit this…

  • CVE-2023-44447May 3, 2024
    risk 0.00cvss epss 0.01

    TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR902AC routers. Authentication is not required to exploit this…

  • CVE-2023-36489Sep 6, 2023
    risk 0.00cvss epss 0.00

    Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to…

  • CVE-2022-25074Feb 22, 2022
    risk 0.00cvss epss 0.13

    TP-Link TL-WR902AC(US)_V3_191209 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.