52 matches found
CVE-2026-3227 Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N
A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. In the router configuration import function allows an authenticated attacker to upload a crafted configuration file...
CVE-2022-26642
TP-LINK TL-WR840NESV6.20 was discovered to contain a buffer overflow via the XTPClonedMACAddress parameter...
CVE-2019-12195
TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was...
EUVD-2019-3843
Malware in sbrugna...
EUVD-2021-32822
Malicious code in bioql PyPI...
CVE-2022-29402
TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without authentication...
CVE-2022-26640
TP-LINK TL-WR840NESV6.20 was discovered to contain a buffer overflow via the minAddress parameter...
CVE-2022-25060
TP-LINK TL-WR840NESV6.20180709 was discovered to contain a command injection vulnerability via the component oalstartPing...
CVE-2022-25061
TP-LINK TL-WR840NESV6.20180709 was discovered to contain a command injection vulnerability via the component oalsetIp6DefaultRoute...
CVE-2022-25062
TP-LINK TL-WR840NESV6.20180709 was discovered to contain an integer overflow via the function dmcheckString. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2021-46122
Tp-Link TL-WR840N EU v6.20 Firmware 0.9.1 4.17 v0001.0 Build 201124 Rel.64328n is vulnerable to Buffer Overflow via the Password reset feature...
CVE-2020-36178
oaliptaddBridgeIsolationRules on TP-Link TL-WR840N 6EU0.9.14.16 devices allows OS command injection because a raw string entered from the web interface an IP address field is used directly for a call to the system library function for iptables. NOTE: oaliptaddBridgeIsolationRules is not the only...
CVE-2025-29649
...
编号撤回
The TP-LINK TL-WR840N is a wireless router from China P&L TP-LINK. This CVE number has been withdrawn...
CVE-2025-29649
CVE-2025-29649 has concrete details in connected sources: Red Hat's entry describes an SQL Injection vulnerability in the TP-Link TL-WR840N router login dashboard (version 1.0), exploitable by unauthenticated attackers via the username and password fields; note that this finding is disputed and m...
VulnCheck KEV: CVE-2022-25064
TP-LINK TL-WR840NESV6.20180709 was discovered to contain a remote code execution RCE vulnerability via the function oalwan6setIpAddr...
The vulnerability of the UART console of the TP-Link TL-WR840N EU microprogramming software allows a hacker to execute arbitrary commands on behalf of the root user.
The vulnerability of the UART console of the TP-Link TL-WR840N EU router’s microprogramming software lies in the absence of authentication procedures. Exploiting this vulnerability allows a hacker to execute arbitrary commands on behalf of the root user...
Buffer overflow
Tp-Link TL-WR840N EU v6.20 Firmware 0.9.1 4.17 v0001.0 Build 201124 Rel.64328n is vulnerable to Buffer Overflow via the Password reset feature...
CVE-2021-46122
Tp-Link TL-WR840N EU v6.20 Firmware 0.9.1 4.17 v0001.0 Build 201124 Rel.64328n is vulnerable to Buffer Overflow via the Password reset feature...
CVE-2022-26641
TP-LINK TL-WR840NESV6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter...