8.8
CVE-2026-3294
- EPSS 0.4%
- Veröffentlicht 22.05.2026 20:48:36
- Zuletzt bearbeitet 01.06.2026 18:03:03
- Quelle f23511db-6c3e-4e32-a477-6aa17d
- CVE-Watchlists
- Unerledigt
Authentication Logic Vulnerability on Multiple TP-Link Range Extenders
An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full administrative control of the affected device, potentially impacting on confidentiality, integrity, and availability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Tp-link ≫ Re305 Firmware Version < 20260515
Tp-link ≫ Re360 Firmware Version < 20260515
Tp-link ≫ Re580d Firmware Version < 20260515
Tp-link ≫ Re650 Firmware Version < 20260429
Tp-link ≫ Tl-wa860re Firmware Version < 20260515
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.4% | 0.314 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| f23511db-6c3e-4e32-a477-6aa17d310630 | 8.7 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
https://www.tp-link.com/en/support/download/re650/v1/#Firmware
https://www.tp-link.com/us/support/download/re650/v1/#Firmware
https://www.tp-link.com/us/support/download/re305/v1/#Firmware
https://www.tp-link.com/en/support/download/re305/v1/#Firmware
https://www.tp-link.com/us/support/download/re360/v1/#Firmware
https://www.tp-link.com/en/support/download/re360/v1/#Firmware
https://www.tp-link.com/us/support/download/tl-wa860re/v4/#Firmware
https://www.tp-link.com/en/support/download/tl-wa860re/v4/#Firmware
https://www.tp-link.com/en/support/download/re580d/#Firmware
https://www.tp-link.com/us/support/download/re580d/#Firmware
https://www.tp-link.com/us/support/faq/5101/