Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tp-link Subscribe
Filtered by product Tl-wr841n Firmware
Total 16 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-35576 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2023-02-02 9.0 HIGH 8.8 HIGH
A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.
CVE-2022-46912 1 Tp-link 4 Tl-wr841n, Tl-wr841n Firmware, Tl-wr841nd V7 and 1 more 2022-12-28 N/A 8.8 HIGH
An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
CVE-2022-42202 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2022-10-20 N/A 6.1 MEDIUM
TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to Cross Site Scripting (XSS).
CVE-2022-30024 1 Tp-link 6 Tl-wr841, Tl-wr841 Firmware, Tl-wr841n and 3 more 2022-07-20 N/A 8.8 HIGH
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected.
CVE-2022-25073 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2022-03-03 10.0 HIGH 9.8 CRITICAL
TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.
CVE-2022-0162 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2022-02-17 7.5 HIGH 9.8 CRITICAL
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface.
CVE-2018-12577 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2020-08-24 6.5 MEDIUM 8.8 HIGH
The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.
CVE-2020-8423 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2020-04-06 9.0 HIGH 7.2 HIGH
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.
CVE-2019-17147 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2020-01-14 9.3 HIGH 8.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457.
CVE-2018-12576 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2019-10-02 4.3 MEDIUM 4.3 MEDIUM
TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.
CVE-2018-12575 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2018-09-04 7.5 HIGH 9.8 CRITICAL
On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.
CVE-2018-12574 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2018-09-04 6.8 MEDIUM 8.8 HIGH
CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.
CVE-2018-11714 1 Tp-link 4 Tl-wr840n, Tl-wr840n Firmware, Tl-wr841n and 1 more 2018-07-31 10.0 HIGH 9.8 CRITICAL
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action.
CVE-2012-5687 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2017-08-28 7.8 HIGH N/A
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.
CVE-2012-6316 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2014-10-01 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd parameter to userRpm/NoipDdnsRpm.htm.
CVE-2012-6276 1 Tp-link 2 Tl-wr841n, Tl-wr841n Firmware 2013-01-27 4.3 MEDIUM N/A
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.