cbcvebase.

Tp-Link Tl-Wr902Ac vulnerabilities

3 known vulnerabilities affecting tp-link/tl-wr902ac.

Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2023-36489P3HIGHCVSS 8.8vfirmware versions prior to 'TL-WR902AC(JP)_V3_230506'2023-09-06
CVE-2023-36489 [HIGH] CWE-78 CVE-2023-36489: Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.
nvd
CVE-2023-50225P3MEDIUMCVSS 6.8v0.9.1 0.3 v008a.0 Build 211025 Rel.76009n(5553)2024-05-03
CVE-2023-50225 [MEDIUM] CWE-121 CVE-2023-50225: TP-Link TL-WR902AC dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability. TP-Link TL-WR902AC dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR902AC routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the libcmm.so module. The
nvd
CVE-2023-44447P3MEDIUMCVSS 6.5vTL-WR902AC(EU)_V1_1706282024-05-03
CVE-2023-44447 [MEDIUM] CWE-290 CVE-2023-44447: TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability. This vulner TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR902AC routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, whic
nvd
Tp-Link Tl-Wr902Ac vulnerabilities | cvebase