Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

TP-LINK — Vulnerabilities & Security Advisories 110

Browse all 110 CVE security advisories affecting TP-LINK. AI-powered Chinese analysis, POCs, and references for each vulnerability.

TP-Link operates primarily as a manufacturer of consumer networking hardware, including wireless routers, switches, and smart home devices. Its product portfolio frequently exhibits historical vulnerabilities, with recorded Common Vulnerabilities and Exposures (CVEs) often involving remote code execution, cross-site scripting, and privilege escalation flaws. These security issues typically stem from inadequate input validation, hardcoded credentials, and unpatched firmware components within embedded web interfaces. Notable incidents have included the discovery of backdoors and command injection points that allowed attackers to gain administrative control over affected devices. The sheer volume of documented CVEs highlights systemic challenges in the company’s software development lifecycle and patch management processes. While the devices remain ubiquitous in residential and small business environments, their security posture has drawn scrutiny from researchers who emphasize the risks associated with default configurations and delayed security updates for legacy hardware models.

Top products by TP-LINK: AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) ER7206 Omada Gigabit VPN Router Archer A7 Omada ER605 TL-WR940N TL-WR841N Archer AX3000 AC1750 VN020 F3v(T) Archer C50 TP-Link TL-WRN841N WR710N AX1800 Archer AX50 Archer AX21 TL-WR902AC TL-SG108E Tapo C210 Archer C50 Wireless Router Link Archer AX50 TP-Link Tapo H100 IoT Smart Hub Tapo H200 V1 IoT Smart Hub TP-Link EX20v AX1800, Tp-Link Archer C5v AC1200, Tp-Link TD-W9970, Tp-Link TD-W9970v3, TP-Link VX220-G2u, TP-Link VN020-G2u Tapo C500 V1 Wi-Fi Camera Archer A54 Archer C4500X TL-SG1016DE Archer A10 TL-WR841ND TP-Link SG105PE
CVE IDTitleCVSSSeverityPublished
CVE-2025-40634 Stack-based buffer overflow in TP-Link Archer AX50 — Link Archer AX50CWE-121 9.8AICriticalAI2025-05-20
CVE-2025-3442 Information Disclosure Vulnerability in TP-Link Tapo IoT Smart Hub — Tapo H200 V1 IoT Smart HubCWE-312 6.1AIMediumAI2025-04-09
CVE-2025-1099 Information Disclosure Vulnerability in TP-Link Tapo C500 Wi-Fi Camera — Tapo C500 V1 Wi-Fi CameraCWE-321 5.7 -2025-02-10
CVE-2025-0730 TP-Link TL-SG108E HTTP GET Request usr_account_set.cgi get request method with sensitive query strings — TL-SG108ECWE-598 3.7 Low2025-01-27
CVE-2025-0729 TP-Link TL-SG108E clickjacking — TL-SG108ECWE-451 4.3 Medium2025-01-27
CVE-2024-12344 TP-Link VN020 F3v(T) FTP USER Command memory corruption — VN020 F3v(T)CWE-119 6.3 Medium2024-12-08
CVE-2024-12343 TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow — VN020 F3v(T)CWE-120 6.5 Medium2024-12-08
CVE-2024-12342 TP-Link VN020 F3v(T) Incomplete SOAP Request WANIPConnection denial of service — VN020 F3v(T)CWE-404 6.5 Medium2024-12-08
CVE-2024-54127 Exposure of Wi-Fi Credentials in Plaintext in TP-Link Archer C50 — Archer C50 Wireless RouterCWE-312 4.6 -2024-12-05
CVE-2024-54126 Insufficient Integrity Verification Vulnerability in TP-Link Archer C50 — Archer C50 Wireless RouterCWE-494 6.8 -2024-12-05
CVE-2024-11237 TP-Link VN020 F3v(T) DHCP DISCOVER Packet Parser TP-Thumper stack-based overflow — VN020 F3v(T)CWE-121 7.5 High2024-11-15
CVE-2024-10523 Information Disclosure Vulnerability in TP-Link IoT Smart Hub — TP-Link Tapo H100 IoT Smart HubCWE-312 6.1AIMediumAI2024-11-04
CVE-2024-9284 TP-LINK TL-WR841ND popupSiteSurveyRpm.htm stack-based overflow — TL-WR841NDCWE-121 6.5 Medium2024-09-27
CVE-2024-4224 TP-Link TL-SG1016DE XSS — TL-SG1016DECWE-79 5.4 -2024-07-15
CVE-2024-38471 TP-Link Archer AX3000 安全漏洞 — Archer AX3000 6.8AIMediumAI2024-07-04
CVE-2024-21827 TP-LINK ER7206 安全漏洞 — ER7206 Omada Gigabit VPN RouterCWE-489 7.2 High2024-06-25
CVE-2024-5035 TP-Link Archer C5400X - RFTest Unauthenticated Command Injection — Archer C4500XCWE-77 9.8AICriticalAI2024-05-27
CVE-2024-5244 TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability — Omada ER605CWE-656 7.5AIHighAI2024-05-23
CVE-2024-5243 TP-Link Omada ER605 Buffer Overflow Remote Code Execution Vulnerability — Omada ER605CWE-120 7.5AIHighAI2024-05-23
CVE-2024-5242 TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability — Omada ER605CWE-121 8.8AIHighAI2024-05-23
CVE-2024-5228 TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability — Omada ER605CWE-122 8.8AIHighAI2024-05-23
CVE-2024-5227 TP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution Vulnerability — Omada ER605CWE-78 8.8AIHighAI2024-05-23
CVE-2023-50225 TP-Link TL-WR902AC dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability — TL-WR902ACCWE-121 8.0 -2024-05-03
CVE-2023-50224 TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability — TL-WR841NCWE-290 6.5 -2024-05-03
CVE-2023-44447 TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability — TL-WR902ACCWE-290 6.5 -2024-05-03
CVE-2023-44448 TP-Link Archer A54 libcmm.so dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability — Archer A54CWE-121 8.0 -2024-05-03
CVE-2023-41184 TP-Link Tapo C210 ActiveCells Stack-based Buffer Overflow Remote Code Execution Vulnerability — Tapo C210CWE-121 8.0 -2024-05-03
CVE-2023-39471 TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability — TL-WR841NCWE-78 8.8 -2024-05-03
CVE-2023-35717 TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability — Tapo C210CWE-640 8.8 -2024-05-03
CVE-2023-27359 TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability — AX1800CWE-362 8.1 -2024-05-03

This page lists every published CVE security advisory associated with TP-LINK. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.