cbcvebase.

Tp-Link Tl-Wr841N Firmware vulnerabilities

30 known vulnerabilities affecting tp-link/tl-wr841n_firmware.

Total CVEs
30
CISA KEV
3
actively exploited
Public exploits
5
Exploited in wild
4
Severity breakdown
CRITICAL4HIGH20MEDIUM6

Vulnerabilities

Page 1 of 2
CVE-2015-3035P1HIGHCVSS 7.5KEVPoCfixed in 1503102015-04-22
CVE-2015-3035 [HIGH] CWE-22 CVE-2015-3035: Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) w Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.
nvd
CVE-2023-50224P1MEDIUMCVSS 6.5KEVv3.16.92024-05-03
CVE-2023-50224 [MEDIUM] CWE-290 CVE-2023-50224: TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vul TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, wh
nvd
CVE-2025-9377P1HIGHCVSS 7.2KEVfixed in 2411082025-08-29
CVE-2025-9377 [HIGH] CWE-78 CVE-2025-9377: The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-life). It's recommending to purchase the new product to ens
nvd
CVE-2018-11714P1CRITICALCVSS 9.8ExploitedPoCv0.9.1_4.162018-06-04
CVE-2018-11714 [CRITICAL] CWE-384 CVE-2018-11714: An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no
nvd
CVE-2020-35576P2HIGHCVSS 8.8PoCfixed in 2012162021-01-26
CVE-2020-35576 [HIGH] CVE-2020-35576: A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware vers A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.
nvd
CVE-2012-5687P2HIGHCVSS 7.8PoC≤ 3.13.92012-11-01
CVE-2012-5687 [HIGH] CWE-22 CVE-2012-5687: Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N route Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.
nvd
CVE-2022-25073P2CRITICALCVSS 9.8v0.9.1_4.182022-02-24
CVE-2022-25073 [CRITICAL] CWE-787 CVE-2022-25073: TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fi TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.
nvd
CVE-2019-17147P2HIGHCVSS 8.8v0.9.1_4.162020-01-07
CVE-2019-17147 [HIGH] CWE-120 CVE-2019-17147: This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate
nvd
CVE-2023-39471P2HIGHCVSS 8.8fixed in 2311192024-05-03
CVE-2023-39471 [HIGH] CWE-78 CVE-2023-39471: TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability. This vulnerability TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ated_tp service. The issue results from
nvd
CVE-2018-12575P2CRITICALCVSS 9.8v0.9.1_4.162018-07-02
CVE-2018-12575 [CRITICAL] CWE-287 CVE-2018-12575: On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.
nvd
CVE-2022-30024P2HIGHCVSS 8.8v3.16.9v160325+2 more2022-07-14
CVE-2022-30024 [HIGH] CWE-120 CVE-2022-30024: A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices all A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 a
nvd
CVE-2022-0162P3CRITICALCVSS 9.8v3.16.92022-02-09
CVE-2022-0162 [CRITICAL] CWE-319 CVE-2022-0162: The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device th
nvd
CVE-2018-12577P3HIGHCVSS 8.8v0.9.1_4.162018-07-02
CVE-2018-12577 [HIGH] CWE-78 CVE-2018-12577: The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 R The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.
nvd
CVE-2012-6276P3MEDIUMCVSS 4.3PoCv3.13.92013-01-26
CVE-2012-6276 [MEDIUM] CWE-22 CVE-2012-6276: Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N rou Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.
nvd
CVE-2023-36489P3HIGHCVSS 8.8fixed in 2305062023-09-06
CVE-2023-36489 [HIGH] CWE-78 CVE-2023-36489: Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.
nvd
CVE-2020-8423P3HIGHCVSS 7.2v3.16.92020-04-02
CVE-2020-8423 [HIGH] CWE-120 CVE-2020-8423: A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices all A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.
nvd
CVE-2026-5039P3HIGHCVSS 8.8fixed in 2311202026-04-23
CVE-2026-5039 [HIGH] CWE-1394 CVE-2026-5039: TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain devi
nvd
CVE-2025-9014P3HIGHCVSS 7.5fixed in 2509082026-01-15
CVE-2025-9014 [HIGH] CWE-20 CVE-2025-9014: A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP- A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP-Link TL-WR841N v14, caused by improper input validation. A remote, unauthenticated attacker can exploit this flaw and cause Denial of Service on the web portal service.This issue affects TL-WR841N v14: before 250908.
nvd
CVE-2025-53712P3HIGHCVSS 7.5≤ 1603252025-07-29
CVE-2025-53712 [HIGH] CWE-119 CVE-2025-53712: A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/Wl A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm_AP.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only
nvd
CVE-2025-53713P3HIGHCVSS 7.5≤ 1603252025-07-29
CVE-2025-53713 [HIGH] CWE-119 CVE-2025-53713: A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/Wl A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm_APC.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability onl
nvd
Tp-Link Tl-Wr841N Firmware vulnerabilities | cvebase