TP-Link TL-WR840N Firmware vulnerabilities
18 known vulnerabilities affecting tp-link/tl-wr840n_firmware.
Total CVEs: 18
CISA KEV: 0
Public exploits: 6
Exploited in wild: 4
Severity breakdown: CRITICAL 6, HIGH 9, MEDIUM 3
Vulnerabilities
CVE-2021-41653 | P1 | CRITICAL | CVSS 9.8 | Exploited | PoC | ≤ tl-wr840n(eu)_v5_171211 | 2021-11-13 | CWE-94
The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.
nvd
CVE-2022-25060 | P1 | CRITICAL | CVSS 9.8 | Exploited | PoC | v6.20_180709 | 2022-02-25 | CWE-78
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing.
nvd
CVE-2018-11714 | P1 | CRITICAL | CVSS 9.8 | Exploited | PoC | v0.9.1_3.16 | 2018-06-04 | CWE-384
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no
nvd
CVE-2022-25064 | P1 | CRITICAL | CVSS 9.8 | Exploited | v6.20_180709 | 2022-02-25 | CWE-78
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr.
nvd
CVE-2022-25061 | P1 | CRITICAL | CVSS 9.8 | PoC | v6.20_180709 | 2022-02-25 | CWE-78
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute.
nvd
CVE-2018-15172 | P3 | HIGH | CVSS 7.5 | PoC | v0.9.1 | 2018-08-15 | CWE-119
TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.
nvd
CVE-2020-36178 | P2 | CRITICAL | CVSS 9.8 | v6_eu_0.9.1_4.16 | 2021-01-06 | CWE-78
oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not the only function that calls util_execSystem.
nvd
CVE-2023-39471 | P2 | HIGH | CVSS 8.8 | fixed in 231121 | 2024-05-03 | CWE-78
TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the ated_tp service. The issue results from
nvd
CVE-2019-15060 | P3 | HIGH | CVSS 8.8 | ≤ 0.9.1_3.16 | 2019-08-22 | CWE-78
The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field.
nvd
CVE-2019-12195 | P4 | MEDIUM | CVSS 4.8 | PoC | v0.9.1_3.16 | 2019-05-24 | CWE-79
TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was disconnected. All the users become disconnected from th
nvd
CVE-2021-46122 | P3 | HIGH | CVSS 7.2 | v0.9.1_4.17_v0001.0 | 2022-04-18 | CWE-120
Tp-Link TL-WR840N (EU) v6.20 Firmware (0.9.1 4.17 v0001.0 Build 201124 Rel.64328n) is vulnerable to Buffer Overflow via the Password reset feature.
nvd
CVE-2022-26639 | P3 | HIGH | CVSS 7.2 | v0.9.1.4.16 | 2022-03-28 | CWE-120
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter.
nvd
CVE-2022-26642 | P3 | HIGH | CVSS 7.2 | v0.9.1.4.16 | 2022-03-28 | CWE-120
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter.
nvd
CVE-2022-26641 | P3 | HIGH | CVSS 7.2 | v0.9.1.4.16 | 2022-03-28 | CWE-120
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter.
nvd
CVE-2022-26640 | P3 | HIGH | CVSS 7.2 | v0.9.1.4.16 | 2022-03-28 | CWE-120
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter.
nvd
CVE-2026-3227 | P3 | MEDIUM | CVSS 6.8 | fixed in 260304 | 2026-03-16 | CWE-78
A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. The router configuration import function allows an authenticated attacker to upload a crafted configuration file that results in execution of OS commands with root privile
nvd
CVE-2022-25062 | P3 | HIGH | CVSS 7.5 | v6.20_180709 | 2022-02-25 | CWE-190
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
nvd
CVE-2014-9510 | P4 | MEDIUM | CVSS 6.8 | v3.13.27 | 2015-01-09 | CWE-352
Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import.
nvd