CVE-2025-14738
- EPSS 0.17%
- Veröffentlicht 18.12.2025 18:01:18
- Zuletzt bearbeitet 29.01.2026 16:15:45
Improper authentication vulnerability in TP-Link WA850RE (httpd modules) allows unauthenticated attackers to download the configuration file.This issue affects: ≤ WA850RE V2_160527, ≤ WA850RE V3_160922.
- EPSS 0.35%
- Veröffentlicht 18.12.2025 18:00:29
- Zuletzt bearbeitet 20.01.2026 19:05:47
Command Injection vulnerability in TP-Link WA850RE (httpd modules) allows authenticated adjacent attacker to inject arbitrary commands.This issue affects: ≤ WA850RE V2_160527, ≤ WA850RE V3_160922.
CVE-2022-22922
- EPSS 0.51%
- Veröffentlicht 18.02.2022 01:15:11
- Zuletzt bearbeitet 21.11.2024 06:47:37
TP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges.
CVE-2018-12692
- EPSS 5.15%
- Veröffentlicht 23.06.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:45:40
TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the wps_setup_pin parameter to /data/wps.setup.json.
CVE-2018-12693
- EPSS 1.15%
- Veröffentlicht 23.06.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:45:41
Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to cause a denial of service (outage) via a long type parameter to /data/syslog.filter.json.
CVE-2018-12694
- EPSS 0.83%
- Veröffentlicht 23.06.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:45:41
TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote attackers to cause a denial of service (reboot) via data/reboot.json.