Skip to main content

TP-Link TL-WR841N EUVDEUVD-2026-40136

| CVE-2026-9105 MEDIUM
Stack-based Buffer Overflow (CWE-121)
2026-06-29 TPLink GHSA-whjh-xgqc-hvvf
6.8
CVSS 4.0 · Vendor: TPLink
Share

Severity by source

Vendor (TPLink) PRIMARY
6.8 MEDIUM
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.5 MEDIUM

Adjacent network vector and high-privilege requirement reflect mandatory local-network admin access; scope unchanged and impact confined to availability only.

3.1 AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.0 AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (TPLink).

CVSS VectorVendor: TPLink

CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 29, 2026 - 16:35 vuln.today

DescriptionCVE.org

An authenticated stack-based buffer overflow vulnerability exists in the web management interface of TP-Link TL-WR841N v14. A remote authenticated attacker can send crafted HTTP requests to cause the embedded web server to overflow a stack buffer, resulting in a crash of the affected process.

Successful exploitation results in a denial-of-service condition, causing the device to crash and automatically reboot.

AnalysisAI

Stack-based buffer overflow in the TP-Link TL-WR841N v14 web management interface allows an authenticated attacker on the same local network segment to crash the embedded web server via crafted HTTP requests, forcing the device to automatically reboot. The impact is limited exclusively to availability - no confidentiality or integrity exposure has been identified. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Obtain admin credentials via default password or credential theft
Delivery
Connect to router's adjacent local network segment
Exploit
Authenticate to web management interface with admin account
Install
Craft HTTP request with oversized payload targeting vulnerable parameter
C2
Stack buffer overflow corrupts web server stack frame
Execute
Embedded web server process crashes
Impact
Router automatically reboots, causing network denial-of-service

Vulnerability AssessmentAI

Exploitation Two concrete prerequisites must both be satisfied: (1) the attacker must possess valid administrative credentials for the TL-WR841N v14 web management interface (confirmed by CVSS 4.0 PR:H - high-privilege authentication required), and (2) the attacker must be located on the same adjacent network segment as the router's management interface (confirmed by CVSS 4.0 AV:A - direct internet exploitation is not possible). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Real-world risk is moderate-to-low despite the stack overflow primitive. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has already obtained administrative credentials for the TL-WR841N v14 - through credential stuffing against default passwords, phishing, or lateral movement from another compromised local-network device - authenticates to the web management interface and sends an HTTP request containing a specially crafted oversized parameter. The embedded web server writes the payload into a fixed-size stack buffer without bounds checking, overflowing into adjacent stack frames and triggering a process crash. …
Remediation The primary remediation is to upgrade the TL-WR841N v14 firmware to the patched version published by TP-Link, available at https://www.tp-link.com/en/support/download/tl-wr841n/v14/#Firmware (international) and https://www.tp-link.com/us/support/download/tl-wr841n/v14/#Firmware (US). … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-40136 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy