Skip to main content

Tl Wr940n Firmware

14 CVEs product

Monthly

CVE-2025-6151 HIGH POC This Week

Buffer overflow vulnerability in TP-Link TL-WR940N V4 and TL-WR841N V11 routers, exploitable remotely through the /userRpm/WanSlaacCfgRpm.htm endpoint. An attacker with high privileges can trigger memory corruption leading to availability impact (denial of service) or potential system compromise. This vulnerability affects end-of-life products no longer receiving vendor support, significantly limiting remediation options.

Buffer Overflow TP-Link Tl Wr940n Firmware
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.5%
CVE-2024-54887 HIGH This Week

TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow TP-Link Tl Wr940n Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
1.7%
CVE-2023-36359 HIGH POC This Week

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link Tl Wr940n Firmware Tl Wr841n Firmware +1
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-36358 HIGH POC This Week

TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link Tl Wr940n Firmware Tl Wr841n Firmware +2
NVD GitHub
CVSS 3.1
7.7
EPSS
0.7%
CVE-2023-36357 HIGH POC This Week

An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service TP-Link Tl Wr940n Firmware Tl Wr841n Firmware Tl Wr941Nd Firmware
NVD GitHub
CVSS 3.1
7.7
EPSS
0.8%
CVE-2023-36356 HIGH POC This Week

TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service TP-Link Tl Wr940n Firmware +3
NVD GitHub
CVSS 3.1
7.7
EPSS
0.7%
CVE-2023-36355 CRITICAL POC THREAT Act Now

TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link Tl Wr940n Firmware
NVD GitHub Exploit-DB
CVSS 3.1
9.9
EPSS
31.7%
CVE-2023-36354 HIGH POC This Week

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link Tl Wr940n Firmware Tl Wr841n Firmware +2
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2023-33538 HIGH POC KEV THREAT This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm . Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection Tl Wr940n Firmware Tl Wr841n Firmware Tl Wr740N Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
41.9%
CVE-2023-33537 HIGH POC This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure TP-Link Tl Wr940n Firmware Tl Wr841n Firmware +1
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
CVE-2023-33536 HIGH POC This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure TP-Link Tl Wr940n Firmware Tl Wr841n Firmware +1
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
CVE-2023-23040 HIGH PATCH This Week

TP-Link router TL-WR940N V6 3.19.1 Build 180119 uses a deprecated MD5 algorithm to hash the admin password used for basic authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure TP-Link Tl Wr940n Firmware
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-24355 HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Stack Overflow TP-Link Buffer Overflow Tl Wr940n Firmware
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2019-6989 HIGH POC THREAT This Week

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow RCE Memory Corruption Tl Wr940n Firmware +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
11.6%
EPSS 1% CVSS 8.2
HIGH POC This Week

Buffer overflow vulnerability in TP-Link TL-WR940N V4 and TL-WR841N V11 routers, exploitable remotely through the /userRpm/WanSlaacCfgRpm.htm endpoint. An attacker with high privileges can trigger memory corruption leading to availability impact (denial of service) or potential system compromise. This vulnerability affects end-of-life products no longer receiving vendor support, significantly limiting remediation options.

Buffer Overflow TP-Link Tl Wr940n Firmware
NVD GitHub VulDB
EPSS 2% CVSS 8.0
HIGH This Week

TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow TP-Link +1
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link +3
NVD GitHub
EPSS 1% CVSS 7.7
HIGH POC This Week

TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link +4
NVD GitHub
EPSS 1% CVSS 7.7
HIGH POC This Week

An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service TP-Link Tl Wr940n Firmware +2
NVD GitHub
EPSS 1% CVSS 7.7
HIGH POC This Week

TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service +5
NVD GitHub
EPSS 32% CVSS 9.9
CRITICAL POC THREAT Act Now

TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link +1
NVD GitHub Exploit-DB
EPSS 1% CVSS 7.5
HIGH POC This Week

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service TP-Link +4
NVD GitHub
EPSS 42% CVSS 8.8
HIGH POC KEV THREAT This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm . Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection Tl Wr940n Firmware +2
NVD GitHub
EPSS 1% CVSS 8.1
HIGH POC This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure TP-Link +3
NVD GitHub
EPSS 1% CVSS 8.1
HIGH POC This Week

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure TP-Link +3
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

TP-Link router TL-WR940N V6 3.19.1 Build 180119 uses a deprecated MD5 algorithm to hash the admin password used for basic authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure TP-Link Tl Wr940n Firmware
NVD
EPSS 2% CVSS 8.8
HIGH This Week

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Stack Overflow TP-Link +2
NVD
EPSS 12% CVSS 8.8
HIGH POC THREAT This Week

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Buffer Overflow RCE +3
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy