Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tl\-Wr841n_firmware
(Tp\-Link)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 27 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-05-03 | CVE-2023-39471 | TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ated_tp service. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability... | Tl\-Wr840n_firmware, Tl\-Wr841n_firmware | 8.8 | ||
| 2024-05-03 | CVE-2023-50224 | TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose... | Tl\-Wr841n_firmware | N/A | ||
| 2023-06-07 | CVE-2023-33538 | TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm . | Tl\-Wr740n_firmware, Tl\-Wr841n_firmware, Tl\-Wr940n_firmware | 8.8 | ||
| 2022-10-18 | CVE-2022-42202 | TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to Cross Site Scripting (XSS). | Tl\-Wr841n_firmware | 6.1 | ||
| 2023-06-07 | CVE-2023-33536 | TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm. | Tl\-Wr740n_firmware, Tl\-Wr841n_firmware, Tl\-Wr940n_firmware | 8.1 | ||
| 2023-06-07 | CVE-2023-33537 | TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm. | Tl\-Wr740n_firmware, Tl\-Wr841n_firmware, Tl\-Wr940n_firmware | 8.1 | ||
| 2023-06-22 | CVE-2023-36358 | TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | Tl\-Wr743nd_firmware, Tl\-Wr841n_firmware, Tl\-Wr940n_firmware, Tl\-Wr941nd_firmware | 7.7 | ||
| 2023-06-22 | CVE-2023-36359 | TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | Tl\-Wr841n_firmware, Tl\-Wr940n_firmware, Tl\-Wr941nd_firmware | 7.5 | ||
| 2023-06-22 | CVE-2023-36357 | An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET request. | Tl\-Wr841n_firmware, Tl\-Wr940n_firmware, Tl\-Wr941nd_firmware | 7.7 | ||
| 2020-04-02 | CVE-2020-8423 | A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network. | Tl\-Wr841n_firmware | 7.2 |