Lucene search

Wr840n Security Vulnerabilities

cve

CVE-2018-11714

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of.....

9.8CVSS

9.3AI Score

0.415EPSS

2022-10-03 04:21 PM

cve

CVE-2022-29402

TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without...

6.8CVSS

6.8AI Score

0.001EPSS

2022-05-25 06:15 PM

cve

CVE-2021-46122

Tp-Link TL-WR840N (EU) v6.20 Firmware (0.9.1 4.17 v0001.0 Build 201124 Rel.64328n) is vulnerable to Buffer Overflow via the Password reset...

7.2CVSS

7AI Score

0.001EPSS

2022-04-18 04:15 PM

cve

CVE-2022-26639

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers...

7.2CVSS

7.2AI Score

0.001EPSS

2022-03-28 11:15 PM

cve

CVE-2022-26641

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort...

7.2CVSS

7.2AI Score

0.001EPSS

2022-03-28 11:15 PM

cve

CVE-2022-26640

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress...

7.2CVSS

7.2AI Score

0.001EPSS

2022-03-28 11:15 PM

cve

CVE-2022-26642

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress...

7.2CVSS

7.2AI Score

0.001EPSS

2022-03-28 11:15 PM

cve

CVE-2022-25061

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component...

9.8CVSS

9.8AI Score

0.014EPSS

2022-02-25 08:15 PM

cve

CVE-2022-25064

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function...

9.8CVSS

9.9AI Score

0.012EPSS

2022-02-25 08:15 PM

cve

CVE-2022-25062

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP...

7.5CVSS

7.4AI Score

0.004EPSS

2022-02-25 08:15 PM

cve

CVE-2022-25060

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component...

9.8CVSS

9.8AI Score

0.014EPSS

2022-02-25 08:15 PM

In Wild

cve

CVE-2021-41653

The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input...

9.8CVSS

9.5AI Score

0.952EPSS

2021-11-13 03:15 PM

108

In Wild

cve

CVE-2021-29280

In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer...

6.4CVSS

6.7AI Score

0.0004EPSS

2021-08-19 04:15 PM

cve

CVE-2020-36178

oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not....

9.8CVSS

9.7AI Score

0.135EPSS

2021-01-06 09:15 PM

cve

CVE-2020-35575

A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N,...

9.8CVSS

9.3AI Score

0.195EPSS

2020-12-26 02:15 AM

150

cve

CVE-2019-15060

The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input...

8.8CVSS

8.7AI Score

0.003EPSS

2019-08-22 07:15 PM

cve

CVE-2019-12195

TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was...

4.8CVSS

4.9AI Score

0.001EPSS

2019-05-24 04:29 PM

cve

CVE-2018-18489

The ping feature in the Diagnostic functionality on TP-LINK WR840N v2 Firmware 3.16.9 Build 150701 Rel.51516n devices allows remote attackers to cause a denial of service (HTTP service termination) by modifying the packet size to be higher than the UI limit of...

4.9CVSS

5.2AI Score

0.001EPSS

2019-04-16 07:29 PM

cve

CVE-2018-15840

TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated by an "nmap -f"...

7.5CVSS

7.5AI Score

0.002EPSS

2019-03-29 06:29 PM

cve

CVE-2018-15172

TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP...

7.5CVSS

7.8AI Score

0.008EPSS

2018-08-15 05:29 PM

cve

CVE-2018-14336

TP-Link WR840N devices allow remote attackers to cause a denial of service (connectivity loss) via a series of packets with random MAC...

7.5CVSS

7.4AI Score

0.079EPSS

2018-07-19 08:29 PM

cve

CVE-2014-9510

Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file...

7.4AI Score

0.002EPSS

2015-01-09 06:59 PM