TP-Link
CVE-2025-53711
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionCVE.org
A vulnerability has been found in TP-Link TL-WR841N v11, TL-WR842ND v2 and TL-WR494N v3. The vulnerability exists in the /userRpm/WlanNetworkRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.
AnalysisAI
A buffer overflow vulnerability exists in the web service of multiple TP-Link router models including TL-WR841N v11, TL-WR842ND v2, and TL-WR494N v3, caused by missing input validation in /userRpm/WlanNetworkRpm.htm. An unauthenticated remote attacker can exploit this to crash the web service and cause a denial-of-service condition. The vulnerability has a low exploitation likelihood with EPSS score of 0.06% and affects products that are no longer supported by TP-Link.
Technical ContextAI
This vulnerability affects the web management interface of TP-Link wireless routers, specifically identified through CPE cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*. The root cause is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), a classic buffer overflow vulnerability class where the application fails to properly validate input parameters before processing them in the WlanNetworkRpm.htm file. This file appears to handle WLAN network configuration through the router's web interface, and the lack of bounds checking allows attackers to overflow memory buffers.
RemediationAI
Since these products are end-of-life and will not receive patches from TP-Link, the primary remediation is to replace affected routers with currently supported models. As confirmed in the vendor advisory at https://www.tp-link.com/us/support/faq/4569/, no firmware updates will be released. For organizations unable to immediately replace equipment, implement network segmentation to isolate vulnerable devices, restrict access to the web management interface to trusted IP addresses only, and consider disabling the web interface entirely if remote management is not required. Monitor for signs of service crashes that could indicate exploitation attempts.
Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before
cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models be
The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to r
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_set
Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in c
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_sta
TP-Link Archer C7 and TL-WR841N routers contain an authenticated remote command execution vulnerability in the Parental
A vulnerability in the TP-Link Archer c20 router with firmware version V6.6_230412 and earlier permits unauthorized indi
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the functio
In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote
Same weakness CWE-119 – Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today