Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
11 vulnerabilities by TP-LINK Technologies
JVNDB-2026-001972
Vulnerability from jvndb - Published: 2026-01-28 10:41 - Updated:2026-01-28 10:41
Severity
Summary
Archer MR600 vulnerable to OS command injection
Details
Archer MR600 provided by TP-Link Systems Inc. contains the following vulnerability.
- OS command injection (CWE-78) - CVE-2025-14756
References
| Type | URL | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-001972.html",
"dc:date": "2026-01-28T10:41+09:00",
"dcterms:issued": "2026-01-28T10:41+09:00",
"dcterms:modified": "2026-01-28T10:41+09:00",
"description": "Archer MR600 provided by TP-Link Systems Inc. contains the following vulnerability.\u003cul\u003e\u003cli\u003eOS command injection (CWE-78) - CVE-2025-14756\u003c/li\u003e\u003c/ul\u003eChuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
"link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-001972.html",
"sec:cpe": {
"#text": "cpe:/o:tp-link:archer_mr600_v5_firmware",
"@product": "Archer MR600 v5 firmware",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2026-001972",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU94651499/index.html",
"@id": "JVNVU#94651499",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-14756",
"@id": "CVE-2025-14756",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "Archer MR600 vulnerable to OS command injection"
}
JVNDB-2025-003213
Vulnerability from jvndb - Published: 2025-04-11 13:52 - Updated:2025-04-11 13:52
Severity
Summary
TP-Link Deco BE65 Pro vulnerable to OS command injection
Details
Deco BE65 Pro provided by TP-LINK contains an OS command injection vulnerability (CWE-78).
Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
References
| Type | URL | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-003213.html",
"dc:date": "2025-04-11T13:52+09:00",
"dcterms:issued": "2025-04-11T13:52+09:00",
"dcterms:modified": "2025-04-11T13:52+09:00",
"description": "Deco BE65 Pro provided by TP-LINK contains an OS command injection vulnerability (CWE-78).\r\n\r\nChuya Hayakawa and Ryo Kamino of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
"link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-003213.html",
"sec:cpe": {
"#text": "cpe:/o:tp-link:deco_be65_pro",
"@product": "Deco BE65 Pro",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
"sec:cvss": {
"@score": "8.0",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2025-003213",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU94912671/index.html",
"@id": "JVNVU#94912671",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-32107",
"@id": "CVE-2025-32107",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "TP-Link Deco BE65 Pro vulnerable to OS command injection"
}
JVNDB-2024-003831
Vulnerability from jvndb - Published: 2024-06-28 17:38 - Updated:2024-06-28 17:38
Severity
Summary
Multiple TP-Link products vulnerable to OS command injection
Details
Multiple products provided by TP-LINK contains an OS command injection vulnerability (CWE-78) related to the backup/restore function.
Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.
JPCERT/CC coordinated with the developer.
References
| Type | URL | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003831.html",
"dc:date": "2024-06-28T17:38+09:00",
"dcterms:issued": "2024-06-28T17:38+09:00",
"dcterms:modified": "2024-06-28T17:38+09:00",
"description": "Multiple products provided by TP-LINK contains an OS command injection vulnerability (CWE-78) related to the backup/restore function.\r\n\r\nChuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
"link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-003831.html",
"sec:cpe": [
{
"#text": "cpe:/o:tp-link:archer_air_r5_firmware",
"@product": "Archer Air R5",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/o:tp-link:archer_ax3000_firmware",
"@product": "Archer AX3000",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/o:tp-link:archer_ax5400_firmware",
"@product": "Archer AX5400",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/o:tp-link:archer_axe5400_firmware",
"@product": "Archer AXE5400",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/o:tp-link:archer_axe75",
"@product": "Archer AXE75",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2024-003831",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU99784493/index.html",
"@id": "JVNVU#99784493",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-38471",
"@id": "CVE-2024-38471",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "Multiple TP-Link products vulnerable to OS command injection"
}
JVNDB-2024-001002
Vulnerability from jvndb - Published: 2024-01-10 13:57 - Updated:2024-03-14 13:52
Severity
Summary
Multiple TP-Link products vulnerable to OS command injection
Details
Multiple products provided by TP-LINK contain multiple vulnerabilities listed below.
* OS command injection (CWE-78) - CVE-2024-21773
* OS command injection (CWE-78) - CVE-2024-21821
* OS command injection (CWE-78) - CVE-2024-21833
Chuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-001002.html",
"dc:date": "2024-03-14T13:52+09:00",
"dcterms:issued": "2024-01-10T13:57+09:00",
"dcterms:modified": "2024-03-14T13:52+09:00",
"description": "Multiple products provided by TP-LINK contain multiple vulnerabilities listed below.\r\n\r\n * OS command injection (CWE-78) - CVE-2024-21773\r\n * OS command injection (CWE-78) - CVE-2024-21821\r\n * OS command injection (CWE-78) - CVE-2024-21833\r\n\r\nChuya Hayakawa of 00One, Inc. reported these vulnerabilities to JPCERT/CC.\r\nJPCERT/CC coordinated with the developer.",
"link": "https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-001002.html",
"sec:cpe": [
{
"#text": "cpe:/o:tp-link:archer_air_r5_firmware",
"@product": "Archer Air R5",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/o:tp-link:archer_ax3000_firmware",
"@product": "Archer AX3000",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/o:tp-link:archer_ax5400_firmware",
"@product": "Archer AX5400",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/o:tp-link:archer_axe75",
"@product": "Archer AXE75",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/o:tp-link:deco_x50_firmware",
"@product": "Deco X50",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/o:tp-link:deco_xe200_firmware",
"@product": "Deco XE200",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2024-001002",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU91401812/index.html",
"@id": "JVNVU#91401812",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-21773",
"@id": "CVE-2024-21773",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-21821",
"@id": "CVE-2024-21821",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2024-21833",
"@id": "CVE-2024-21833",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2024-21773",
"@id": "CVE-2024-21773",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2024-21821",
"@id": "CVE-2024-21821",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2024-21833",
"@id": "CVE-2024-21833",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "Multiple TP-Link products vulnerable to OS command injection"
}
JVNDB-2023-000025
Vulnerability from jvndb - Published: 2023-03-17 12:27 - Updated:2024-06-04 16:58
Severity
Summary
TP-Link T2600G-28SQ uses vulnerable SSH host keys
Details
TP-Link layer-2 switch T2600G-28SQ uses vulnerable SSH host keys (CWE-1391).
Kuniyuki Hasegawa of VeriServe Corporation reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000025.html",
"dc:date": "2024-06-04T16:58+09:00",
"dcterms:issued": "2023-03-17T12:27+09:00",
"dcterms:modified": "2024-06-04T16:58+09:00",
"description": "TP-Link layer-2 switch T2600G-28SQ uses vulnerable SSH host keys (CWE-1391).\r\n\r\nKuniyuki Hasegawa of VeriServe Corporation reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000025.html",
"sec:cpe": {
"#text": "cpe:/o:tp-link:t2600g-28sq_firmware",
"@product": "T2600G-28SQ",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.6",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:A/AC:H/Au:N/C:C/I:N/A:N",
"@version": "2.0"
},
{
"@score": "5.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2023-000025",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN62420378/index.html",
"@id": "JVN#62420378",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-28368",
"@id": "CVE-2023-28368",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-28368",
"@id": "CVE-2023-28368",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "TP-Link T2600G-28SQ uses vulnerable SSH host keys"
}
JVNDB-2023-000003
Vulnerability from jvndb - Published: 2023-01-11 15:04 - Updated:2023-01-11 15:04
Severity
Summary
TP-Link SG105PE vulnerable to authentication bypass
Details
TP-Link SG105PE contains an authentication bypass vulnerability (CWE-287).
Baba Takao of BPS Co., Ltd reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000003.html",
"dc:date": "2023-01-11T15:04+09:00",
"dcterms:issued": "2023-01-11T15:04+09:00",
"dcterms:modified": "2023-01-11T15:04+09:00",
"description": "TP-Link SG105PE contains an authentication bypass vulnerability (CWE-287).\r\n\r\nBaba Takao of BPS Co., Ltd reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000003.html",
"sec:cpe": {
"#text": "cpe:/o:tp-link:tl-sg105pe_firmware",
"@product": "SG105PE",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:A/AC:M/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.2",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2023-000003",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN78481846/index.html",
"@id": "JVN#78481846",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-22303",
"@id": "CVE-2023-22303",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-22303",
"@id": "CVE-2023-22303",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-287",
"@title": "Improper Authentication(CWE-287)"
}
],
"title": "TP-Link SG105PE vulnerable to authentication bypass"
}
JVNDB-2022-000093
Vulnerability from jvndb - Published: 2022-11-24 14:46 - Updated:2024-06-03 16:41
Severity
Summary
TP-Link RE300 V1 tdpServer vulnerable to improper processing of its input
Details
tdpServer of TP-Link RE300 V1 improperly processes its input, possibly resulting to crash (CWE-228).
Tomoya Kitagawa and Toshiki Takatera of Ricerca Security, Inc. reported this vulnerability to the developer and coordinated. After coordination was completed, this case was reported to JPCERT/CC and JPCERT/CC coordinated with the developer for the publication.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000093.html",
"dc:date": "2024-06-03T16:41+09:00",
"dcterms:issued": "2022-11-24T14:46+09:00",
"dcterms:modified": "2024-06-03T16:41+09:00",
"description": "tdpServer of TP-Link RE300 V1 improperly processes its input, possibly resulting to crash (CWE-228).\r\n\r\nTomoya Kitagawa and Toshiki Takatera of Ricerca Security, Inc. reported this vulnerability to the developer and coordinated. After coordination was completed, this case was reported to JPCERT/CC and JPCERT/CC coordinated with the developer for the publication.",
"link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-000093.html",
"sec:cpe": {
"#text": "cpe:/o:tp-link:re300-v1_firmware",
"@product": "RE300 V1",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "3.3",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"@version": "2.0"
},
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2022-000093",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN29657972/index.html",
"@id": "JVN#29657972",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2022-41783",
"@id": "CVE-2022-41783",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-41783",
"@id": "CVE-2022-41783",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "TP-Link RE300 V1 tdpServer vulnerable to improper processing of its input"
}
JVNDB-2021-006026
Vulnerability from jvndb - Published: 2021-12-24 15:31 - Updated:2021-12-24 15:31
Severity
Summary
TP-Link TL-WR802N V4(JP) vulnerable to OS command injection
Details
TP-Link TL-WR802N is a wifi router for home networks.
The firmware version 170705 is reported vulnerable to OS command injection (CWE-78).
References
| Type | URL | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-006026.html",
"dc:date": "2021-12-24T15:31+09:00",
"dcterms:issued": "2021-12-24T15:31+09:00",
"dcterms:modified": "2021-12-24T15:31+09:00",
"description": "TP-Link TL-WR802N is a wifi router for home networks.\r\nThe firmware version 170705 is reported vulnerable to OS command injection (CWE-78).",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-006026.html",
"sec:cpe": {
"#text": "cpe:/o:tp-link:tl-wr802n_firmware",
"@product": "TL-WR802N firmware",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "8.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"@version": "2.0"
},
{
"@score": "7.2",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2021-006026",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU94883311/",
"@id": "JVNVU#94883311",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4144",
"@id": "CVE-2021-4144",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-4144",
"@id": "CVE-2021-4144",
"@source": "NVD"
},
{
"#text": "https://isopach.dev/CVE-2021-4144/",
"@id": "TP-Link TL-WR802N V4(JP) Command Injection Exploit (CVE-2021-4144)",
"@source": "Related document"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "TP-Link TL-WR802N V4(JP) vulnerable to OS command injection"
}
JVNDB-2021-001010
Vulnerability from jvndb - Published: 2021-01-25 16:21 - Updated:2021-01-25 16:21
Severity
Summary
TP-Link TL-WR841N V13 (JP) vulnerable to OS command injection
Details
TP-Link TL-WR841N is a wifi router for home networks.
The firmware version 161028 for hardware version V13 (JP) is reported vulnerable to OS command injection (CWE-78).
According to the vendor, the firmware for hardware version V14 (JP) is not affected.
Koh You Liang of 3-shake Inc. reported this vulnerability to the developer and JPCERT/CC.
References
| Type | URL | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-001010.html",
"dc:date": "2021-01-25T16:21+09:00",
"dcterms:issued": "2021-01-25T16:21+09:00",
"dcterms:modified": "2021-01-25T16:21+09:00",
"description": "\u0026#8203;TP-Link TL-WR841N is a wifi router for home networks.\r\nThe firmware version 161028 for hardware version V13 (JP) is reported vulnerable to OS command injection (CWE-78).\r\n\r\nAccording to the vendor, the firmware for hardware version V14 (JP) is not affected.\r\n\r\nKoh You Liang of 3-shake Inc. reported this vulnerability to the developer and JPCERT/CC.",
"link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-001010.html",
"sec:cpe": {
"#text": "cpe:/o:tp-link:tl-wr841n_firmware",
"@product": "TL-WR841N firmware",
"@vendor": "TP-LINK Technologies",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "8.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"@version": "2.0"
},
{
"@score": "7.2",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2021-001010",
"sec:references": [
{
"#text": "https://jvn.jp/en/vu/JVNVU92444096/index.html",
"@id": "JVNVU#92444096",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35576",
"@id": "CVE-2020-35576",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2020-35576",
"@id": "CVE-2020-35576",
"@source": "NVD"
},
{
"#text": "https://isopach.dev/CVE-2020-35576/",
"@id": "TP-Link TL-WR841N Command Injection Exploit (CVE-2020-35576)",
"@source": "Related document"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-78",
"@title": "OS Command Injection(CWE-78)"
}
],
"title": "TP-Link TL-WR841N V13 (JP) vulnerable to OS command injection"
}
CVE-2025-5875 (GCVE-0-2025-5875)
Vulnerability from cvelistv5 – Published: 2025-06-09 11:31 – Updated: 2025-06-12 19:03
VLAI
Title
TP-LINK Technologies TL-IPC544EP-W4 main sub_69064 buffer overflow
Summary
A vulnerability classified as critical has been found in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n. Affected is the function sub_69064 of the file /bin/main. The manipulation of the argument text leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.311634 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.311634 | signaturepermissions-required |
| https://vuldb.com/?submit.581366 | third-party-advisory |
| https://locrian-lightning-dc7.notion.site/TL-IPC5… | exploit |
| https://www.tp-link.cn/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-LINK Technologies | TL-IPC544EP-W4 |
Affected:
1.0.9 Build 240428 Rel 69493n
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5875",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T13:04:39.771526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T13:04:42.994Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://locrian-lightning-dc7.notion.site/TL-IPC544EP-W4-1f98e5e2b1a280ae9862d49391d95651"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "TL-IPC544EP-W4",
"vendor": "TP-LINK Technologies",
"versions": [
{
"status": "affected",
"version": "1.0.9 Build 240428 Rel 69493n"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "lunax (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n. Affected is the function sub_69064 of the file /bin/main. The manipulation of the argument text leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n entdeckt. Betroffen hiervon ist die Funktion sub_69064 der Datei /bin/main. Durch Manipulation des Arguments text mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T19:03:32.199Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311634 | TP-LINK Technologies TL-IPC544EP-W4 main sub_69064 buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.311634"
},
{
"name": "VDB-311634 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311634"
},
{
"name": "Submit #581366 | TP-Link TL-IPC544EP-W4 1.0.9 Build 240428 Rel.69493n Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.581366"
},
{
"tags": [
"exploit"
],
"url": "https://locrian-lightning-dc7.notion.site/TL-IPC544EP-W4-1f98e5e2b1a280ae9862d49391d95651"
},
{
"tags": [
"product"
],
"url": "https://www.tp-link.cn/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-12T21:07:26.000Z",
"value": "VulDB entry last update"
}
],
"title": "TP-LINK Technologies TL-IPC544EP-W4 main sub_69064 buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5875",
"datePublished": "2025-06-09T11:31:05.450Z",
"dateReserved": "2025-06-08T17:59:08.162Z",
"dateUpdated": "2025-06-12T19:03:32.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5875 (GCVE-0-2025-5875)
Vulnerability from nvd – Published: 2025-06-09 11:31 – Updated: 2025-06-12 19:03
VLAI
Title
TP-LINK Technologies TL-IPC544EP-W4 main sub_69064 buffer overflow
Summary
A vulnerability classified as critical has been found in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n. Affected is the function sub_69064 of the file /bin/main. The manipulation of the argument text leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.311634 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.311634 | signaturepermissions-required |
| https://vuldb.com/?submit.581366 | third-party-advisory |
| https://locrian-lightning-dc7.notion.site/TL-IPC5… | exploit |
| https://www.tp-link.cn/ | product |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-LINK Technologies | TL-IPC544EP-W4 |
Affected:
1.0.9 Build 240428 Rel 69493n
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5875",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-09T13:04:39.771526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T13:04:42.994Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://locrian-lightning-dc7.notion.site/TL-IPC544EP-W4-1f98e5e2b1a280ae9862d49391d95651"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "TL-IPC544EP-W4",
"vendor": "TP-LINK Technologies",
"versions": [
{
"status": "affected",
"version": "1.0.9 Build 240428 Rel 69493n"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "lunax (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n. Affected is the function sub_69064 of the file /bin/main. The manipulation of the argument text leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine kritische Schwachstelle in TP-LINK Technologies TL-IPC544EP-W4 1.0.9 Build 240428 Rel 69493n entdeckt. Betroffen hiervon ist die Funktion sub_69064 der Datei /bin/main. Durch Manipulation des Arguments text mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T19:03:32.199Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-311634 | TP-LINK Technologies TL-IPC544EP-W4 main sub_69064 buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.311634"
},
{
"name": "VDB-311634 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.311634"
},
{
"name": "Submit #581366 | TP-Link TL-IPC544EP-W4 1.0.9 Build 240428 Rel.69493n Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.581366"
},
{
"tags": [
"exploit"
],
"url": "https://locrian-lightning-dc7.notion.site/TL-IPC544EP-W4-1f98e5e2b1a280ae9862d49391d95651"
},
{
"tags": [
"product"
],
"url": "https://www.tp-link.cn/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2025-06-08T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2025-06-12T21:07:26.000Z",
"value": "VulDB entry last update"
}
],
"title": "TP-LINK Technologies TL-IPC544EP-W4 main sub_69064 buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-5875",
"datePublished": "2025-06-09T11:31:05.450Z",
"dateReserved": "2025-06-08T17:59:08.162Z",
"dateUpdated": "2025-06-12T19:03:32.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}