cbcvebase.

Tp-Link Tl-Wr940N vulnerabilities

6 known vulnerabilities affecting tp-link/tl-wr940n.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH4MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2022-24355P2HIGHCVSS 8.8v3.20.1 Build 200316 Rel.34392n (5553)2022-02-18
CVE-2022-24355 [HIGH] CWE-121 CVE-2022-24355: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of file name extensions. The issue results from the lack of proper validat
nvd
CVE-2022-43636P3HIGHCVSS 8.8v6_211111 3.20.1(US)2023-03-29
CVE-2022-43636 [HIGH] CWE-330 CVE-2022-43636: This vulnerability allows network-adjacent attackers to bypass authentication on affected installati This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N 6_211111 3.20.1(US) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of sufficient
nvd
CVE-2022-0650P3HIGHCVSS 8.0v3.20.1 Build 200316 Rel.34392n (5553)2023-03-28
CVE-2022-0650 [HIGH] CWE-121 CVE-2022-0650: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack
nvd
CVE-2022-24973P3HIGHCVSS 8.0v3.20.1 Build 200316 Rel.34392n (5553)2023-03-28
CVE-2022-24973 [HIGH] CWE-121 CVE-2022-24973: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lac
nvd
CVE-2022-43635P3MEDIUMCVSS 6.5v6_211111 3.20.1(US)2023-03-29
CVE-2022-43635 [MEDIUM] CWE-303 CVE-2022-43635: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected i This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 6_211111 3.20.1(US) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the incorre
nvd
CVE-2022-24972P3MEDIUMCVSS 6.5v3.20.1 Build 200316 Rel.34392n (5553)2023-03-28
CVE-2022-24972 [MEDIUM] CWE-284 CVE-2022-24972: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected i This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue result
nvd
Tp-Link Tl-Wr940N vulnerabilities | cvebase