CVE-2026-3227

A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. In the router configuration import function allows an authenticated attacker to upload a crafted configuration file...

CVE-2026-3227 Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N

A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. In the router configuration import function allows an authenticated attacker to upload a crafted configuration file...

CVE-2026-3227

Technical details beyond the brief description are not provided in the supplied documents. Monitor for updates on affected devices and firmware.

TP-LINK WR840N v6 up to 0.9.1 4.16 - Improper Authentication

A vulnerability in the TP-Link WR840N v6 router with firmware version 0.9.1 4.16 and earlier permits unauthorized individuals to bypass the authentication of some interfaces under the /cgi directory.When adding Referer- http-//tplinkwifi.net to the the request, it will be recognized as passing th...

CVE-2022-26641

TP-LINK TL-WR840NESV6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter...

CVE-2022-26642

TP-LINK TL-WR840NESV6.20 was discovered to contain a buffer overflow via the XTPClonedMACAddress parameter...

CVE-2019-12195

TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was...

Exploit for Race Condition in Linux Linux_Kernel

CVE-2018-12633-TPLink-Auth-Bypass A technical case study and e...

VulnCheck KEV: CVE-2018-11714

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of...

EUVD-2018-10214

Malware in sbrugna...

EUVD-2019-3843

Malware in sbrugna...

EUVD-2022-31194

Malicious code in bioql PyPI...

EUVD-2022-31193

Malicious code in bioql PyPI...

EUVD-2022-33741

Malicious code in bioql PyPI...

EUVD-2021-32822

Malicious code in bioql PyPI...

CVE-2022-29402

TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without authentication...

CVE-2022-26640

TP-LINK TL-WR840NESV6.20 was discovered to contain a buffer overflow via the minAddress parameter...

CVE-2022-25060

TP-LINK TL-WR840NESV6.20180709 was discovered to contain a command injection vulnerability via the component oalstartPing...

CVE-2022-25061

TP-LINK TL-WR840NESV6.20180709 was discovered to contain a command injection vulnerability via the component oalsetIp6DefaultRoute...

CVE-2022-25062

TP-LINK TL-WR840NESV6.20180709 was discovered to contain an integer overflow via the function dmcheckString. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...