Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-9105 |
|
Vulnerability in tp-link (CVE-2026-9105)
vulnerability in tp-link (CVE-2026-9105). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12760 |
|
Vulnerability in dos (CVE-2026-12760)
vulnerability in dos (CVE-2026-12760). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11409 |
|
OS Command Injection in tp-link (CVE-2026-11409)
OS command injection in tp-link (CVE-2026-11409). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11410 |
|
OS Command Injection in tp-link (CVE-2026-11410)
OS command injection in tp-link (CVE-2026-11410). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6250 |
|
Vulnerability in tp-link (CVE-2026-6250)
vulnerability in tp-link (CVE-2026-6250). Data can be tampered with by attackers.
|
| CVE-2026-8714 |
|
Vulnerability in tp-link (CVE-2026-8714)
vulnerability in tp-link (CVE-2026-8714). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1871 |
|
Vulnerability in dos (CVE-2026-1871)
vulnerability in dos (CVE-2026-1871). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`.
|
| CVE-2026-34127 |
|
Cross-Site Scripting (XSS) in tp-link (CVE-2026-34127)
cross-site scripting in tp-link (CVE-2026-34127). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34126 |
|
Vulnerability in tp-link (CVE-2026-34126)
vulnerability in tp-link (CVE-2026-34126). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8697 |
|
Vulnerability in tp-link (CVE-2026-8697)
vulnerability in tp-link (CVE-2026-8697). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5509 |
|
Vulnerability in tp-link (CVE-2026-5509)
vulnerability in tp-link (CVE-2026-5509). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3294 |
|
Vulnerability in tp-link (CVE-2026-3294)
vulnerability in tp-link (CVE-2026-3294). Successful exploitation can lead to full system takeover.
|
| CVE-2026-5511 |
|
Vulnerability in tp-link (CVE-2026-5511)
vulnerability in tp-link (CVE-2026-5511). Risk of unauthorized operations or information disclosure.
|
| CVE-2018-25321 |
|
Cross-Site Request Forgery (CSRF) in tp-link (CVE-2018-25321)
vulnerability in tp-link (CVE-2018-25321). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5363 |
|
Vulnerability in tp-link (CVE-2026-5363)
vulnerability in tp-link (CVE-2026-5363). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3227 |
|
OS Command Injection in tp-link (CVE-2026-3227)
OS command injection in tp-link (CVE-2026-3227). Successful exploitation can lead to full system takeover.
|
| CVE-2026-22226 |
|
OS Command Injection in tp-link (CVE-2026-22226)
OS command injection in tp-link (CVE-2026-22226). Successful exploitation can lead to full system takeover.
|
| CVE-2025-9377 KEV |
|
[KEV] OS Command Injection in Tp-link multiple-routers (CVE-2025-9377)
OS command injection in Tp-link multiple-routers (CVE-2025-9377). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-50224 KEV |
|
[KEV] Vulnerability in Tp-link tl-wr841n (CVE-2023-50224)
vulnerability in Tp-link tl-wr841n (CVE-2023-50224). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-24363 KEV |
|
[KEV] Vulnerability in Tp-link tl-wa855re (CVE-2020-24363)
vulnerability in Tp-link tl-wa855re (CVE-2020-24363). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-33538 KEV |
|
[KEV] Command Injection in Tp-link multiple-routers (CVE-2023-33538)
command injection in Tp-link multiple-routers (CVE-2023-33538). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-54887 |
|
Vulnerability in tp-link (CVE-2024-54887)
vulnerability in tp-link (CVE-2024-54887). Successful exploitation can lead to full system takeover.
|
| CVE-2023-27098 |
|
TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.
TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.
|
| CVE-2023-30383 |
|
Vulnerability in dos (CVE-2023-30383)
vulnerability in dos (CVE-2023-30383). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-34832 |
|
Vulnerability in tp-link (CVE-2023-34832)
vulnerability in tp-link (CVE-2023-34832). Successful exploitation can lead to full system takeover.
|
| CVE-2023-27126 |
|
Vulnerability in tp-link (CVE-2023-27126)
vulnerability in tp-link (CVE-2023-27126). Confidential information can be exposed externally.
|
| CVE-2023-1389 KEV |
|
[KEV] Command Injection in Tp-link archer-ax21 (CVE-2023-1389)
command injection in Tp-link archer-ax21 (CVE-2023-1389). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-42232 |
|
OS Command Injection in tp-link (CVE-2021-42232)
OS command injection in tp-link (CVE-2021-42232). Successful exploitation can lead to full system takeover.
|
| CVE-2022-30024 |
|
Vulnerability in tp-link (CVE-2022-30024)
vulnerability in tp-link (CVE-2022-30024). Successful exploitation can lead to full system takeover.
|
| CVE-2022-30075 |
|
Vulnerability in tp-link (CVE-2022-30075)
vulnerability in tp-link (CVE-2022-30075). Successful exploitation can lead to full system takeover.
|
| CVE-2021-41653 |
|
Code Injection in tp-link (CVE-2021-41653)
code injection in tp-link (CVE-2021-41653). Successful exploitation can lead to full system takeover.
|
| CVE-2021-31658 |
|
Vulnerability in tp-link (CVE-2021-31658)
vulnerability in tp-link (CVE-2021-31658). Data can be tampered with by attackers.
|
| CVE-2021-31659 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2021-31659)
vulnerability in csrf (CVE-2021-31659). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26987 |
|
Out-of-Bounds Write in tp-link (CVE-2022-26987)
out-of-bounds write in tp-link (CVE-2022-26987). Successful exploitation can lead to full system takeover. Exploitable via ``MmtAtePrase``.
|
| CVE-2022-26988 |
|
Out-of-Bounds Write in tp-link (CVE-2022-26988)
out-of-bounds write in tp-link (CVE-2022-26988). Successful exploitation can lead to full system takeover. Exploitable via ``MntAte``.
|
| CVE-2015-3035 KEV |
|
[KEV] Path Traversal in Tp-link multiple-archer-devices (CVE-2015-3035)
path traversal in Tp-link multiple-archer-devices (CVE-2015-3035). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-25060 |
|
OS Command Injection in tp-link (CVE-2022-25060)
OS command injection in tp-link (CVE-2022-25060). Successful exploitation can lead to full system takeover.
|
| CVE-2022-25064 |
|
OS Command Injection in tp-link (CVE-2022-25064)
OS command injection in tp-link (CVE-2022-25064). Successful exploitation can lead to full system takeover.
|
| CVE-2022-25061 |
|
OS Command Injection in tp-link (CVE-2022-25061)
OS command injection in tp-link (CVE-2022-25061). Successful exploitation can lead to full system takeover.
|
| CVE-2022-25062 |
|
Vulnerability in dos (CVE-2022-25062)
vulnerability in dos (CVE-2022-25062). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-41451 |
|
Vulnerability in tp-link (CVE-2021-41451)
vulnerability in tp-link (CVE-2021-41451). Risk of unauthorized operations or information disclosure.
|
| CVE-2021-41450 |
|
Vulnerability in dos (CVE-2021-41450)
vulnerability in dos (CVE-2021-41450). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17745 |
|
Cross-Site Scripting (XSS) in tp-link (CVE-2017-17745)
cross-site scripting in tp-link (CVE-2017-17745). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17746 |
|
Vulnerability in tp-link (CVE-2017-17746)
vulnerability in tp-link (CVE-2017-17746). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17747 |
|
Vulnerability in dos (CVE-2017-17747)
vulnerability in dos (CVE-2017-17747). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17757 |
|
OS Command Injection in tp-link (CVE-2017-17757)
OS command injection in tp-link (CVE-2017-17757). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17758 |
|
OS Command Injection in tp-link (CVE-2017-17758)
OS command injection in tp-link (CVE-2017-17758). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16957 |
|
OS Command Injection in tp-link (CVE-2017-16957)
OS command injection in tp-link (CVE-2017-16957). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16958 |
|
OS Command Injection in tp-link (CVE-2017-16958)
OS command injection in tp-link (CVE-2017-16958). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16959 |
|
Path Traversal in tp-link (CVE-2017-16959)
path traversal in tp-link (CVE-2017-16959). Confidential information can be exposed externally.
|