Refine your search
24 vulnerabilities found for AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) by Tp-Link
CVE-2023-49913 (GCVE-0-2023-49913)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x422448` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:13:53.666002Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:49:27.591Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:20:01.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x422448` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:09.105Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49913",
"datePublished": "2024-04-09T14:12:46.790Z",
"dateReserved": "2023-12-01T22:10:32.247Z",
"dateUpdated": "2025-11-04T18:20:01.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49912 (GCVE-0-2023-49912)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x4224b0` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:18:05.246412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:49:09.311Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:59.784Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x4224b0` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:08.948Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49912",
"datePublished": "2024-04-09T14:12:46.695Z",
"dateReserved": "2023-12-01T22:10:32.247Z",
"dateUpdated": "2025-11-04T18:19:59.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49911 (GCVE-0-2023-49911)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x422420` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:18:12.233567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:48:46.054Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:58.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x422420` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:08.793Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49911",
"datePublished": "2024-04-09T14:12:46.602Z",
"dateReserved": "2023-12-01T22:10:32.247Z",
"dateUpdated": "2025-11-04T18:19:58.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49910 (GCVE-0-2023-49910)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x42247c` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49910",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:18:08.721454Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:47:49.366Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:57.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x42247c` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:08.635Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49910",
"datePublished": "2024-04-09T14:12:46.510Z",
"dateReserved": "2023-12-01T22:10:32.246Z",
"dateUpdated": "2025-11-04T18:19:57.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49909 (GCVE-0-2023-49909)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x0045ab38` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49909",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T15:34:25.384043Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:44:18.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:56.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x0045ab38` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:08.459Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49909",
"datePublished": "2024-04-09T14:12:46.395Z",
"dateReserved": "2023-12-01T22:10:32.246Z",
"dateUpdated": "2025-11-04T18:19:56.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49908 (GCVE-0-2023-49908)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x0045abc8` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:18:07.387098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:47:15.789Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:54.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x0045abc8` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:08.213Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49908",
"datePublished": "2024-04-09T14:12:46.306Z",
"dateReserved": "2023-12-01T22:10:32.246Z",
"dateUpdated": "2025-11-04T18:19:54.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49907 (GCVE-0-2023-49907)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x0045aad8` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49907",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T15:50:03.936083Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:46:58.765Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:53.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x0045aad8` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:07.890Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49907",
"datePublished": "2024-04-09T14:12:46.207Z",
"dateReserved": "2023-12-01T22:10:32.246Z",
"dateUpdated": "2025-11-04T18:19:53.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49906 (GCVE-0-2023-49906)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x0045ab7c` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:18:10.209791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:49:44.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:52.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x0045ab7c` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:07.703Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49906",
"datePublished": "2024-04-09T14:12:46.099Z",
"dateReserved": "2023-12-01T22:10:32.245Z",
"dateUpdated": "2025-11-04T18:19:52.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49134 (GCVE-0-2023-49134)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
Summary
A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP115(V4) 5.0.4 Build 20220216 of the N300 Wireless Gigabit Access Point.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-10T19:30:35.924227Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:42:34.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:39.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP115(V4) 5.0.4 Build 20220216 of the N300 Wireless Gigabit Access Point."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-829",
"description": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:07.303Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49134",
"datePublished": "2024-04-09T14:12:48.096Z",
"dateReserved": "2023-11-22T15:34:13.184Z",
"dateUpdated": "2025-11-04T18:19:39.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49133 (GCVE-0-2023-49133)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
Summary
A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP225(V3) 5.1.0 Build 20220926 of the AC1350 Wireless MU-MIMO Gigabit Access Point.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T17:24:28.865802Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T18:15:23.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:38.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP225(V3) 5.1.0 Build 20220926 of the AC1350 Wireless MU-MIMO Gigabit Access Point."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-829",
"description": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:07.143Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49133",
"datePublished": "2024-04-09T14:12:47.975Z",
"dateReserved": "2023-11-22T15:34:13.184Z",
"dateUpdated": "2025-11-04T18:19:38.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49074 (GCVE-0-2023-49074)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-749 - Exposed Dangerous Method or Function
Summary
A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of network requests can lead to reset to factory settings. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49074",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T15:42:34.807142Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:54.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:33.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1861",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1861"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of network requests can lead to reset to factory settings. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:11.037Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1861",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1861"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49074",
"datePublished": "2024-04-09T14:12:48.559Z",
"dateReserved": "2023-11-21T14:38:31.718Z",
"dateUpdated": "2025-11-04T18:19:33.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-48724 (GCVE-0-2023-48724)
Vulnerability from nvd
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted HTTP POST request can lead to denial of service of the device's web interface. An attacker can send an unauthenticated HTTP POST request to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"lessThanOrEqual": "v5.1.0 Build 20220926",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48724",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T17:06:09.308925Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:32.120Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:15.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1864"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted HTTP POST request can lead to denial of service of the device\u0027s web interface. An attacker can send an unauthenticated HTTP POST request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:09.474Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-48724",
"datePublished": "2024-04-09T14:12:47.393Z",
"dateReserved": "2023-11-22T15:41:33.640Z",
"dateUpdated": "2025-11-04T18:19:15.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49074 (GCVE-0-2023-49074)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-749 - Exposed Dangerous Method or Function
Summary
A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of network requests can lead to reset to factory settings. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49074",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T15:42:34.807142Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:54.416Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:33.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1861",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1861"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1861"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of network requests can lead to reset to factory settings. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:11.037Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1861",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1861"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49074",
"datePublished": "2024-04-09T14:12:48.559Z",
"dateReserved": "2023-11-21T14:38:31.718Z",
"dateUpdated": "2025-11-04T18:19:33.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49134 (GCVE-0-2023-49134)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
Summary
A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP115(V4) 5.0.4 Build 20220216 of the N300 Wireless Gigabit Access Point.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-10T19:30:35.924227Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:42:34.306Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:39.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP115(V4) 5.0.4 Build 20220216 of the N300 Wireless Gigabit Access Point."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-829",
"description": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:07.303Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49134",
"datePublished": "2024-04-09T14:12:48.096Z",
"dateReserved": "2023-11-22T15:34:13.184Z",
"dateUpdated": "2025-11-04T18:19:39.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49133 (GCVE-0-2023-49133)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-829 - Inclusion of Functionality from Untrusted Control Sphere
Summary
A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP225(V3) 5.1.0 Build 20220926 of the AC1350 Wireless MU-MIMO Gigabit Access Point.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-19T17:24:28.865802Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-22T18:15:23.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:38.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.This vulnerability impacts `uclited` on the EAP225(V3) 5.1.0 Build 20220926 of the AC1350 Wireless MU-MIMO Gigabit Access Point."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-829",
"description": "CWE-829: Inclusion of Functionality from Untrusted Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:07.143Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1862"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49133",
"datePublished": "2024-04-09T14:12:47.975Z",
"dateReserved": "2023-11-22T15:34:13.184Z",
"dateUpdated": "2025-11-04T18:19:38.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-48724 (GCVE-0-2023-48724)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted HTTP POST request can lead to denial of service of the device's web interface. An attacker can send an unauthenticated HTTP POST request to trigger this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"lessThanOrEqual": "v5.1.0 Build 20220926",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-48724",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T17:06:09.308925Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:27:32.120Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:15.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1864"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted HTTP POST request can lead to denial of service of the device\u0027s web interface. An attacker can send an unauthenticated HTTP POST request to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:09.474Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1864"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-48724",
"datePublished": "2024-04-09T14:12:47.393Z",
"dateReserved": "2023-11-22T15:41:33.640Z",
"dateUpdated": "2025-11-04T18:19:15.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49913 (GCVE-0-2023-49913)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x422448` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:13:53.666002Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:49:27.591Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:20:01.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x422448` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:09.105Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49913",
"datePublished": "2024-04-09T14:12:46.790Z",
"dateReserved": "2023-12-01T22:10:32.247Z",
"dateUpdated": "2025-11-04T18:20:01.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49912 (GCVE-0-2023-49912)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x4224b0` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:18:05.246412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:49:09.311Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:59.784Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x4224b0` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:08.948Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49912",
"datePublished": "2024-04-09T14:12:46.695Z",
"dateReserved": "2023-12-01T22:10:32.247Z",
"dateUpdated": "2025-11-04T18:19:59.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49911 (GCVE-0-2023-49911)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x422420` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:18:12.233567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:48:46.054Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:58.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x422420` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:08.793Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49911",
"datePublished": "2024-04-09T14:12:46.602Z",
"dateReserved": "2023-12-01T22:10:32.247Z",
"dateUpdated": "2025-11-04T18:19:58.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49910 (GCVE-0-2023-49910)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x42247c` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49910",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:18:08.721454Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:47:49.366Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:57.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x42247c` of the `httpd` binary shipped with v5.0.4 Build 20220216 of the EAP115."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:08.635Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49910",
"datePublished": "2024-04-09T14:12:46.510Z",
"dateReserved": "2023-12-01T22:10:32.246Z",
"dateUpdated": "2025-11-04T18:19:57.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49909 (GCVE-0-2023-49909)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x0045ab38` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49909",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T15:34:25.384043Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:44:18.837Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:56.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `action` parameter at offset `0x0045ab38` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:08.459Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49909",
"datePublished": "2024-04-09T14:12:46.395Z",
"dateReserved": "2023-12-01T22:10:32.246Z",
"dateUpdated": "2025-11-04T18:19:56.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49908 (GCVE-0-2023-49908)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x0045abc8` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49908",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:18:07.387098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:47:15.789Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:54.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `profile` parameter at offset `0x0045abc8` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:08.213Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49908",
"datePublished": "2024-04-09T14:12:46.306Z",
"dateReserved": "2023-12-01T22:10:32.246Z",
"dateUpdated": "2025-11-04T18:19:54.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49907 (GCVE-0-2023-49907)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x0045aad8` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49907",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T15:50:03.936083Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:46:58.765Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:53.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `band` parameter at offset `0x0045aad8` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:07.890Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49907",
"datePublished": "2024-04-09T14:12:46.207Z",
"dateReserved": "2023-12-01T22:10:32.246Z",
"dateUpdated": "2025-11-04T18:19:53.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-49906 (GCVE-0-2023-49906)
Vulnerability from cvelistv5
Published
2024-04-09 14:12
Modified
2025-11-04 18:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x0045ab7c` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Tp-Link | AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) |
Version: v5.1.0 Build 20220926 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:tp-link:ac1350_firmware:v5.1.0_build_20220926:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ac1350_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.1.0_build_20220926"
}
]
},
{
"cpes": [
"cpe:2.3:o:tp-link:n300_firmware:v5.0.4_build_20220216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "n300_firmware",
"vendor": "tp-link",
"versions": [
{
"status": "affected",
"version": "v5.0.4_build_20220216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T16:18:10.209791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-19T17:49:44.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T18:19:52.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.1.0 Build 20220926"
}
]
},
{
"product": "N300 Wireless Access Point (EAP115)",
"vendor": "Tp-Link",
"versions": [
{
"status": "affected",
"version": "v5.0.4 Build 20220216"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by the Vulnerability Discovery and Research team of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability.This vulnerability refers specifically to the overflow that occurs via the `ssid` parameter at offset `0x0045ab7c` of the `httpd_portal` binary shipped with v5.1.0 Build 20220926 of the EAP225."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-09T17:00:07.703Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2023-49906",
"datePublished": "2024-04-09T14:12:46.099Z",
"dateReserved": "2023-12-01T22:10:32.245Z",
"dateUpdated": "2025-11-04T18:19:52.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}