In the TP-Link RE365 V1_180213, there is a buffer overflow vulnerability due to the lack of length verification for the USER_AGENT field in /usr/bin/httpd. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTp Link Re365
HWTp-Link1.0Tp Link Re365 Firmware
OSTp-Link180213
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
Related vulnerabilities
CVE-2025-7850CRITICAL9.3PL ✓ten sam vendor
Command injection w bramkach Omada (TP-Link) po uwierzytelnieniu admina
CVE-2025-6542CRITICAL9.3PL ✓ten sam vendor
Zdalne wykonanie poleceń OS bez uwierzytelnienia w routerach TP-Link Omada
CVE-2024-57040CRITICAL9.8PL ✓ten sam vendor
TP-Link TL-WR845N — zakodowane na stałe hasło roota (hardcoded password)
CVE-2024-46340CRITICAL9.8PL ✓ten sam vendor
TP-Link TL-WR845N — przesyłanie danych uwierzytelniających w postaci jawnego tekstu
CVE-2024-25139CRITICAL10.0PL ✓ten sam vendor
RCE z uprawnieniami root w TP-Link Omada ER605 via buffer overflow