CVE-2026-11410 OS Command Injection in BigPond Cable (BPA) Configuration in TP-Link TL-WR940N
An authenticated OS command injection vulnerability exists in the BigPond Cable BPA WAN configuration module in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges...