CVE-2026-5039

TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized...

Russian hacking group targets home and small office routers to spy on users

British security officials found that a group linked to the Russian military is spying on users of compromised Small Office/Home Office SOHO routers in a broad cyber espionage campaign. A Microsoft blog goes into the technical details of these attacks. The group, which we’ll refer to as APT28, bu...

EUVD-2025-11808

Malicious code in bioql PyPI...

CVE-2025-53711

A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service DoS condition. The attac...

CVE-2025-25427

A stored cross-site scripting XSS vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 = Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload...

SUSE CVE-2017-9466

The executable httpd on the TP-Link WR841N V8 router before TL-WR841NUNV8170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuratio...

CVE-2025-25427

A stored cross-site scripting XSS vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 = Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload...

CVE-2025-25427

A stored cross-site scripting XSS vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 = Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload...

CVE-2025-25427 XSS in TP-Link TL-WR841N v14/v14.6/v14.8 Upnp page

A stored cross-site scripting XSS vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 = Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload...

PT-2025-17247 · Tp Link · Tp-Link Wr841N

Name of the Vulnerable Software and Affected Versions: TP-Link WR841N versions v14/v14.6/v14.8 = Build 241230 Rel. 50788n TP-Link WR841N version = 4.19 Description: A stored cross-site scripting XSS vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N allows remote attackers ...

PT-2023-25591 · Tp Link · Tl-Wr802N +2

Name of the Vulnerable Software and Affected Versions: TL-WR802N versions prior to TL-WR802NJP V4 221008 TL-WR841N versions prior to TL-WR841NJP V14 230506 TL-WR902AC versions prior to TL-WR902ACJP V3 230506 Description: Multiple TP-LINK products allow a network-adjacent unauthenticated attacker ...

CVE-2023-39747

TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm...

PT-2023-3421 · Tp Link · Tp-Link Tl-Wr941Nd +3

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR940N versions V2 through V4 TP-Link TL-WR941ND versions V5 through V6 TP-Link TL-WR743ND version V1 TP-Link TL-WR841N version V8 Description: The issue is related to a buffer overflow in the /userRpm/AccessCtrlAccessTargetsRpm...

PT-2023-7980

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR841N versions affected versions not specified Description The TP-Link TL-WR841N router is affected by an improper authentication issue within the dropbearpwd component. This allows network-adjacent attackers to disclose sensitive...

PT-2022-5480 · Tp Link · Tp-Link Tl-Wr841N

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841N versions TL-WR841NUS V14 220121 Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Although authentication is required to exploit this...

CVE-2019-17147

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Hos...

TP-Link TL-WR841N and TL-WR841ND Cross-Site Request Forgery Vulnerability

The TP-Link TL-WR841N and TL-WR841ND are both wireless router devices. TP-Link TL-WR841N and TL-WR841ND cross-site request forgery vulnerability. An attacker could use this vulnerability to perform certain administrator actions and gain unauthorized access to affected applications, and other...

Design/Logic Flaw

The executable httpd on the TP-Link WR841N V8 router before TL-WR841NUNV8170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuratio...

CVE-2017-9466

The executable httpd on the TP-Link WR841N V8 router before TL-WR841NUNV8170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuratio...