Tp-Link: >> Tl-Wdr4300 Firmware Security Vulnerabilities
Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND..
CVSS Score
9.8
EPSS Score
0.009
Published
2019-11-13
TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-10-25
TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field.
CVSS Score
8.8
EPSS Score
0.249
Published
2019-01-18
Cross-site scripting (XSS) vulnerability in the DHCP clients page in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware before 140916 allows remote attackers to inject arbitrary web script or HTML via the hostname in a DHCP request.
CVSS Score
4.3
EPSS Score
0.004
Published
2014-09-30
The web server in the TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) with firmware before 140916 allows remote attackers to cause a denial of service (crash) via a long header in a GET request.
CVSS Score
5.0
EPSS Score
0.013
Published
2014-09-30