tp-link TL-WPA4220 Security Vulnerabilities

4 Vulnerabilities
Description

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie.

Impacted versions: -

Base Score: 0.0, Severity: NA, ID: CVE-2021-28857, Last Modified: 2021-06-15T22:15:00Z

References

Advisory

Modemly Security Checklist

TP-LINK-TL-WPA4220-router-setup

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.

Impacted versions: -

Base Score: 0.0, Severity: NA, ID: CVE-2021-28858, Last Modified: 2021-06-15T22:15:00Z

References

Advisory

Modemly Security Checklist

TP-LINK-TL-WPA4220-router-setup

httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Fixed version: TL-WPA4220(EU)_V4_201023

Impacted versions: -

Base Score: 0.0, Severity: NA, ID: CVE-2020-24297, Last Modified: 2020-11-18T16:15:00Z

References

Advisory

Modemly Security Checklist

TP-LINK-TL-WPA4220-router-setup

httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023

Impacted versions: -

Base Score: 0.0, Severity: NA, ID: CVE-2020-28005, Last Modified: 2020-11-18T16:15:00Z

References

Advisory

Modemly Security Checklist

TP-LINK-TL-WPA4220-router-setup
Free Home-Networking Courses, tutorials and security checklists

USAGE: Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.