Skip to main content

Tl Wr841n Firmware

23 CVEs product

Monthly

CVE-2025-9014 HIGH PATCH This Week

A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP-Link TL-WR841N v14, caused by improper input validation. [CVSS 7.5 HIGH]

TP-Link Null Pointer Dereference Denial Of Service Tl Wr841n Firmware
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-36489 HIGH This Week

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

TP-Link Command Injection Tl Wr902Ac Firmware Tl Wr802N Firmware Tl Wr841n Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2023-36359 HIGH POC This Week

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link Tl Wr940n Firmware Tl Wr841n Firmware +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-36358 HIGH POC This Week

TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link Tl Wr940n Firmware Tl Wr841n Firmware +2
NVD GitHub
CVSS 3.1
7.7
EPSS
0.7%
CVE-2023-36357 HIGH POC This Week

An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service TP-Link Tl Wr940n Firmware Tl Wr841n Firmware Tl Wr941Nd Firmware
NVD GitHub
CVSS 3.1
7.7
EPSS
0.8%
CVE-2023-36356 HIGH POC This Week

TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service TP-Link Tl Wr940n Firmware +3
NVD GitHub
CVSS 3.1
7.7
EPSS
0.7%
CVE-2023-36354 HIGH POC This Week

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link Tl Wr940n Firmware Tl Wr841n Firmware +2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-33538 HIGH POC KEV THREAT This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm . Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection Tl Wr940n Firmware Tl Wr841n Firmware Tl Wr740N Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
41.9%
CVE-2023-33537 HIGH POC This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure TP-Link Tl Wr940n Firmware Tl Wr841n Firmware +1
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
CVE-2023-33536 HIGH POC This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure TP-Link Tl Wr940n Firmware Tl Wr841n Firmware +1
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-46912 HIGH This Week

An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE TP-Link Denial Of Service Tl Wr841n Firmware Tl Wr841Nd V7 Firmware
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-42202 MEDIUM POC This Month

TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link XSS Tl Wr841n Firmware
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-30024 HIGH This Week

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

TP-Link Buffer Overflow RCE Tl Wr841 Firmware Tl Wr841n Firmware +1
NVD VulDB
CVSS 3.1
8.8
EPSS
2.2%
CVE-2022-25073 CRITICAL POC THREAT Act Now

TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow Tl Wr841n Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
13.0%
CVE-2020-8423 HIGH POC This Week

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE TP-Link Tl Wr841n Firmware
NVD
CVSS 3.1
7.2
EPSS
9.3%
CVE-2018-12577 HIGH This Week

The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

TP-Link Command Injection Tl Wr841n Firmware
NVD
CVSS 3.0
8.8
EPSS
2.7%
CVE-2018-12576 MEDIUM This Month

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS TP-Link Tl Wr841n Firmware
NVD
CVSS 3.0
4.3
EPSS
0.7%
CVE-2018-12575 CRITICAL Act Now

On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Tl Wr841n Firmware
NVD
CVSS 3.0
9.8
EPSS
2.9%
CVE-2018-12574 HIGH This Week

CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF TP-Link Tl Wr841n Firmware
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-11714 CRITICAL POC THREAT Act Now

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Session Fixation Information Disclosure TP-Link Tl Wr840N Firmware Tl Wr841n Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
36.5%
CVE-2012-6316 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS TP-Link Tl Wr841n Firmware Tl Wr841N
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-6276 MEDIUM POC This Month

Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Path Traversal TP-Link Tl Wr841n Firmware Tl Wr841N
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
9.4%
CVE-2012-5687 HIGH POC THREAT Act Now

Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 67.5%.

Path Traversal TP-Link Tl Wr841N Tl Wr841n Firmware
NVD Exploit-DB
CVSS 2.0
7.8
EPSS
67.5%
Threat
5.1
EPSS 0% CVSS 7.5
HIGH PATCH This Week

A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP-Link TL-WR841N v14, caused by improper input validation. [CVSS 7.5 HIGH]

TP-Link Null Pointer Dereference Denial Of Service +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

TP-Link Command Injection Tl Wr902Ac Firmware +2
NVD
EPSS 1% CVSS 7.5
HIGH POC This Week

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link +3
NVD GitHub
EPSS 1% CVSS 7.7
HIGH POC This Week

TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link +4
NVD GitHub
EPSS 1% CVSS 7.7
HIGH POC This Week

An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service TP-Link Tl Wr940n Firmware +2
NVD GitHub
EPSS 1% CVSS 7.7
HIGH POC This Week

TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service +5
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link +4
NVD GitHub
EPSS 42% CVSS 8.8
HIGH POC KEV THREAT This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm . Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection Tl Wr940n Firmware +2
NVD GitHub
EPSS 1% CVSS 8.1
HIGH POC This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure TP-Link +3
NVD GitHub
EPSS 1% CVSS 8.1
HIGH POC This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure TP-Link +3
NVD GitHub
EPSS 1% CVSS 8.8
HIGH This Week

An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE TP-Link Denial Of Service +2
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to Cross Site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link XSS Tl Wr841n Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

TP-Link Buffer Overflow RCE +3
NVD VulDB
EPSS 13% CVSS 9.8
CRITICAL POC THREAT Act Now

TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow +1
NVD GitHub
EPSS 9% CVSS 7.2
HIGH POC This Week

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE TP-Link +1
NVD
EPSS 3% CVSS 8.8
HIGH This Week

The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

TP-Link Command Injection Tl Wr841n Firmware
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS TP-Link Tl Wr841n Firmware
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Tl Wr841n Firmware
NVD
EPSS 0% CVSS 8.8
HIGH This Week

CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF TP-Link Tl Wr841n Firmware
NVD
EPSS 37% CVSS 9.8
CRITICAL POC THREAT Act Now

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Session Fixation Information Disclosure TP-Link +2
NVD Exploit-DB
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS TP-Link Tl Wr841n Firmware +1
NVD
EPSS 9% CVSS 4.3
MEDIUM POC This Month

Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Path Traversal TP-Link Tl Wr841n Firmware +1
NVD Exploit-DB
EPSS 67% 5.1 CVSS 7.8
HIGH POC THREAT Act Now

Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 67.5%.

Path Traversal TP-Link Tl Wr841N +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy