Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tl\-Wr840n_firmware
(Tp\-Link)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-06 | CVE-2020-36178 | oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not the only function that calls util_execSystem. | Tl\-Wr840n_firmware | 9.8 | ||
| 2021-08-19 | CVE-2021-29280 | In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer overflow | Tl\-Wr840n_firmware | 6.4 | ||
| 2021-11-13 | CVE-2021-41653 | The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field. | Tl\-Wr840n_firmware | 9.8 | ||
| 2022-02-25 | CVE-2022-25060 | TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing. | Tl\-Wr840n_firmware | 9.8 | ||
| 2022-02-25 | CVE-2022-25061 | TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute. | Tl\-Wr840n_firmware | 9.8 | ||
| 2022-02-25 | CVE-2022-25062 | TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | Tl\-Wr840n_firmware | 7.5 | ||
| 2022-02-25 | CVE-2022-25064 | TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr. | Tl\-Wr840n_firmware | 9.8 | ||
| 2022-03-28 | CVE-2022-26639 | TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter. | Tl\-Wr840n_firmware | 7.2 | ||
| 2022-03-28 | CVE-2022-26640 | TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter. | Tl\-Wr840n_firmware | 7.2 | ||
| 2022-03-28 | CVE-2022-26641 | TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter. | Tl\-Wr840n_firmware | 7.2 |