Shodan
Vulnerabilities
Vulnerable Software
Tp-Link:  >> Tl-Wr840n Firmware  Security Vulnerabilities
CVE-2023-39471
TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ated_tp service. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21825.
CVSS Score
7.5
EPSS Score
0.006
Published
2024-05-03
CVE-2022-29402
TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute commands as the root user without authentication.
CVSS Score
6.8
EPSS Score
0.002
Published
2022-05-25
CVE-2021-46122
Tp-Link TL-WR840N (EU) v6.20 Firmware (0.9.1 4.17 v0001.0 Build 201124 Rel.64328n) is vulnerable to Buffer Overflow via the Password reset feature.
CVSS Score
7.2
EPSS Score
0.004
Published
2022-04-18
CVE-2022-26639
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter.
CVSS Score
7.2
EPSS Score
0.005
Published
2022-03-28
CVE-2022-26640
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter.
CVSS Score
7.2
EPSS Score
0.005
Published
2022-03-28
CVE-2022-26641
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter.
CVSS Score
7.2
EPSS Score
0.005
Published
2022-03-28
CVE-2022-26642
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter.
CVSS Score
7.2
EPSS Score
0.005
Published
2022-03-28
CVE-2022-25060
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing.
CVSS Score
9.8
EPSS Score
0.747
Published
2022-02-25
CVE-2022-25061
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute.
CVSS Score
9.8
EPSS Score
0.76
Published
2022-02-25
CVE-2022-25062
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
CVSS Score
7.5
EPSS Score
0.29
Published
2022-02-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved