Tp-Link: >> Tl-Wr849n Firmware >> 0.9.1_4.16 Security Vulnerabilities
On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.
CVSS Score
9.8
EPSS Score
0.894
Published
2020-02-24
TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI.
CVSS Score
6.1
EPSS Score
0.02
Published
2020-01-27