VYPR

Archer C9

by TP-Link

CVEs (4)

  • CVE-2017-11519CriJul 21, 2017
    risk 0.64cvss 9.8epss 0.03

    passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin password by leveraging a predictable random number generator seed. This is fixed in C9(UN)_V2_170511.

  • CVE-2021-35003Jan 21, 2022
    risk 0.01cvss epss 0.08

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer C90 1.0.6 Build 20200114 rel.73164(5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS…

  • CVE-2023-38563Sep 6, 2023
    risk 0.00cvss epss 0.00

    Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands.

  • CVE-2020-5797Nov 21, 2020
    risk 0.00cvss epss 0.01

    UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a limited set of files after plugging a crafted USB drive into the router.