Tp-Link Tl-Wr845N Firmware vulnerabilities
5 known vulnerabilities affecting tp-link/tl-wr845n_firmware.
Total CVEs
5
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL2HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-57040P1CRITICALCVSS 9.8ExploitedPoCv190219v200909+1 more2025-02-26
CVE-2024-57040 [CRITICAL] CWE-798 CVE-2024-57040: TP-Link TL-WR845N devices with firmware TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was disc
TP-Link TL-WR845N devices with firmware TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded password for the root account which can be obtained by analyzing downloaded firmware or via a brute force attack through physical access to the router. NOTE: The supplier has stated that this issue was fixed in firmware
nvd
CVE-2024-46340P3CRITICALCVSS 9.8v201214v200909+1 more2024-12-10
CVE-2024-46340 [CRITICAL] CWE-312 CVE-2024-46340: TL-WR845N(UN)_V4_201214, TP-Link TL-WR845N(UN)_V4_200909, and TL-WR845N(UN)_V4_190219 was discovered
TL-WR845N(UN)_V4_201214, TP-Link TL-WR845N(UN)_V4_200909, and TL-WR845N(UN)_V4_190219 was discovered to transmit user credentials in plaintext after executing a factory reset.
nvd
CVE-2024-50699P3HIGHCVSS 8.0v190219v200909+1 more2024-12-10
CVE-2024-50699 [HIGH] CWE-522 CVE-2024-50699: TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered
TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contain weak default credentials for the Administrator account.
nvd
CVE-2024-46341P3HIGHCVSS 8.0v1902192024-12-10
CVE-2024-46341 [HIGH] CWE-522 CVE-2024-46341: TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which
TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack.
nvd
CVE-2025-15551P4MEDIUMCVSS 5.6fixed in 2510312026-02-05
CVE-2025-15551 [MEDIUM] CWE-95 CVE-2025-15551: The response coming from TP-Link Archer MR200 v5.2, C20 v5 and v6, TL-WR850N v3, and TL-WR845N v4 fo
The response coming from TP-Link Archer MR200 v5.2, C20 v5 and v6, TL-WR850N v3, and TL-WR845N v4 for any request is getting executed by the JavaScript function like eval directly without any check. Attackers can exploit this vulnerability via a Man-in-the-Middle (MitM) attack to execute JavaScript code on the router's admin web portal without the us
nvd