Browse all 110 CVE security advisories affecting TP-Link. AI-powered Chinese analysis, POCs, and references for each vulnerability.
TP-Link operates primarily as a manufacturer of consumer networking hardware, including wireless routers, switches, and smart home devices. Its product portfolio frequently exhibits historical vulnerabilities, with recorded Common Vulnerabilities and Exposures (CVEs) often involving remote code execution, cross-site scripting, and privilege escalation flaws. These security issues typically stem from inadequate input validation, hardcoded credentials, and unpatched firmware components within embedded web interfaces. Notable incidents have included the discovery of backdoors and command injection points that allowed attackers to gain administrative control over affected devices. The sheer volume of documented CVEs highlights systemic challenges in the company’s software development lifecycle and patch management processes. While the devices remain ubiquitous in residential and small business environments, their security posture has drawn scrutiny from researchers who emphasize the risks associated with default configurations and delayed security updates for legacy hardware models.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-27346 | TP-Link AX1800 Firmware Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability — AX1800CWE-121 | 8.8 | - | 2024-05-03 |
| CVE-2023-27333 | TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability — Archer AX21CWE-121 | 8.0 | - | 2024-05-03 |
| CVE-2023-27332 | TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability — Archer AX21CWE-121 | 8.8 | - | 2024-05-03 |
| CVE-2023-49074 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-749 | 7.4 | High | 2024-04-09 |
| CVE-2023-49133 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-829 | 8.1 | High | 2024-04-09 |
| CVE-2023-49134 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-829 | 8.1 | High | 2024-04-09 |
| CVE-2023-48724 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-121 | 7.5 | High | 2024-04-09 |
| CVE-2023-49910 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-121 | 7.2 | High | 2024-04-09 |
| CVE-2023-49911 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-121 | 7.2 | High | 2024-04-09 |
| CVE-2023-49912 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-121 | 7.2 | High | 2024-04-09 |
| CVE-2023-49913 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-121 | 7.2 | High | 2024-04-09 |
| CVE-2023-49906 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-121 | 7.2 | High | 2024-04-09 |
| CVE-2023-49907 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-121 | 7.2 | High | 2024-04-09 |
| CVE-2023-49908 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-121 | 7.2 | High | 2024-04-09 |
| CVE-2023-49909 | TP-LINK AC1350 安全漏洞 — AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)CWE-121 | 7.2 | High | 2024-04-09 |
| CVE-2024-1180 | TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability — Omada ER605CWE-78 | 8.0 | - | 2024-04-03 |
| CVE-2024-1179 | TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow Remote Code Execution Vulnerability — Omada ER605CWE-121 | 8.8 | - | 2024-04-01 |
| CVE-2023-6437 | Authenticated RCE — TP-Link EX20v AX1800, Tp-Link Archer C5v AC1200, Tp-Link TD-W9970, Tp-Link TD-W9970v3, TP-Link VX220-G2u, TP-Link VN020-G2u CWE-78 | 9.8 | Critical | 2024-03-28 |
| CVE-2024-2188 | Cross-Site Scripting vulnerability in TP-Link Archer AX50 — Archer AX50CWE-79 | 6.1 | Medium | 2024-03-05 |
| CVE-2023-43482 | TP-LINK ER7206 操作系统命令注入漏洞 — ER7206 Omada Gigabit VPN RouterCWE-78 | 7.2 | High | 2024-02-06 |
| CVE-2023-36498 | TP-LINK ER7206 操作系统命令注入漏洞 — ER7206 Omada Gigabit VPN RouterCWE-78 | 7.2 | High | 2024-02-06 |
| CVE-2023-47167 | TP-LINK ER7206 操作系统命令注入漏洞 — ER7206 Omada Gigabit VPN RouterCWE-78 | 7.2 | High | 2024-02-06 |
| CVE-2023-47209 | TP-LINK ER7206 操作系统命令注入漏洞 — ER7206 Omada Gigabit VPN RouterCWE-78 | 7.2 | High | 2024-02-06 |
| CVE-2023-42664 | TP-LINK ER7206 操作系统命令注入漏洞 — ER7206 Omada Gigabit VPN RouterCWE-78 | 7.2 | High | 2024-02-06 |
| CVE-2023-46683 | TP-LINK ER7206 操作系统命令注入漏洞 — ER7206 Omada Gigabit VPN RouterCWE-78 | 7.2 | High | 2024-02-06 |
| CVE-2023-47617 | TP-LINK ER7206 操作系统命令注入漏洞 — ER7206 Omada Gigabit VPN RouterCWE-78 | 7.2 | High | 2024-02-06 |
| CVE-2023-47618 | TP-LINK ER7206 操作系统命令注入漏洞 — ER7206 Omada Gigabit VPN RouterCWE-78 | 7.2 | High | 2024-02-06 |
| CVE-2024-21833 | TP-LINK 多款产品安全漏洞 — Archer AX3000 | 8.8AI | HighAI | 2024-01-10 |
| CVE-2024-21821 | TP-LINK 多款产品安全漏洞 — Archer AX3000 | 8.0AI | HighAI | 2024-01-10 |
| CVE-2024-21773 | TP-LINK 多款产品安全漏洞 — Archer AX3000 | 8.8AI | HighAI | 2024-01-10 |
This page lists every published CVE security advisory associated with TP-Link. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.