Tuesday , June 23 2026
SQL

TP-Link Router Vulns Allow to Execute Malicious SQL Commands

infosecbulletin Tuesday , April 22 2025 Alert, Vulnerabilities

Several vulnerabilities have been found in TP-Link routers, exposing users to serious security risks from SQL injection flaws in their web management interfaces.

Security researcher “The Veteran” found vulnerabilities that let remote attackers bypass authentication and gain unauthorized control of devices without valid credentials.

India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record

By infosecbulletin / Tuesday , June 23 2026
A cyber attack seems to have affected one of India's top electronics companies. Tata Electronics has said there was a...
Read More
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record

Anthropic’s Mythos reportedly broke NSA classified systems in hours

By infosecbulletin / Monday , June 22 2026
The recent finding shows how powerful Mythos is: the AI can access the US government's secret networks in just a...
Read More
Anthropic’s Mythos reportedly broke NSA classified systems in hours

OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment

By infosecbulletin / Monday , June 22 2026
Test before going live is important for AI developers. But there's a problem: testing usually uses fake scenarios that often...
Read More
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment

AryStinger botnet infected thousands of D-Link routers globally

By infosecbulletin / Sunday , June 21 2026
AryStinger has taken control of over 4,000 old D-Link routers to use them as proxies for harmful traffic. The team...
Read More
AryStinger botnet infected thousands of D-Link routers globally

Hacker suspected of sending alerts across Brazil

By infosecbulletin / Sunday , June 21 2026
Brazil's government suspects a hacking attack triggered an unauthorized ‌alert sent to cell phones across parts of the country early...
Read More
Hacker suspected of sending alerts across Brazil

CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT

By infosecbulletin / Sunday , June 21 2026
A new open-source cybersecurity tool named CyberSentinel AI v3.0 has come out. It is an important step in self-operated security...
Read More
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT

Barracuda hosts Dhaka roundtable on cyber resilience

By infosecbulletin / Saturday , June 20 2026
Barracuda gathered industry people in Dhaka on 18 June 2026 for a roundtable talk about cyber resilience. The company shared...
Read More
Barracuda hosts Dhaka roundtable on cyber resilience

CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices

By infosecbulletin / Saturday , June 20 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) asked Fortinet users with FortiGate devices on Thursday to act to protect...
Read More
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices

CISA: Splunk flaw under active exploit, patch by Sunday

By infosecbulletin / Saturday , June 20 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has asked federal agencies to protect their systems by Sunday from a...
Read More
CISA: Splunk flaw under active exploit, patch by Sunday

Texas data breach exposes 3 million driver’s licenses

By infosecbulletin / Saturday , June 20 2026
The Texas Parks and Wildlife Department (TPWD) revealed a data leak at its license system provider. This leak exposed private...
Read More
Texas data breach exposes 3 million driver’s licenses

TP-Link Router Vulnerabilities:

CVE-2025-29648: TP-Link EAP120 SQL Injection Vulnerability:

This vulnerability impacts the TP-Link EAP120 router (version 1.0) as its login dashboard does not adequately sanitize user input in the authentication fields.

An unauthenticated attacker can inject harmful SQL statements into these fields. This could let the attacker bypass authentication and gain administrative access to the device.

CVE-2025-29649: TP-Link TL-WR840N SQL Injection Vulnerability:

The TP-Link TL-WR840N router (version 1.0) has a SQL injection vulnerability. The login page allows unsanitized input in the username and password fields, enabling attackers to inject SQL code. This can allow unauthorized access to the router’s admin interface without valid credentials.

CVE-2025-29650: TP-Link M7200 4G LTE Mobile Wi-Fi Router SQL Injection Vulnerability:

The vulnerability affects the TP-Link M7200 4G LTE Mobile Wi-Fi Router with firmware version 1.0.7 Build 180127 Rel.55998n. The login interface fails to sanitize input in the username and password fields, enabling an attacker to inject harmful SQL statements. This could lead to unauthorized access to the router’s management console.

CVE-2025-29653: TP-Link M7450 4G LTE Mobile Wi-Fi Router SQL Injection Vulnerability:

The TP-Link M7450 4G LTE Mobile Wi-Fi Router, firmware version 1.0.2 Build 170306 Rel.1015n, is susceptible to SQL injection on its login page. An unauthenticated attacker can exploit this vulnerability to execute SQL commands, risking full control over the device’s admin functions.

TP-Link is aware of these vulnerabilities, but no security patches have been released yet.

SSL.com’s domain validation system’s bug found: Hacker exploited

Check Also

F5

F5 Patches NGINX Flaw for Code Execution and DoS Attacks

F5 has shared a security warning about serious flaws in NGINX. These issues could let …

Mail: [email protected]
© Copyright 2026, All Rights Reserved InfoSecBulletin