• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

tl-wr840n_firmware

CVE-2018-15840

February 26, 2023 by

TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated by an “nmap -f” command.

CVE-2018-15172

February 26, 2023 by

TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.

CVE-2018-11714

February 26, 2023 by

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of “Referer: http://192.168.0.1/mainFrame.htm” then no authentication is required for any action.

CVE-2020-36178

February 26, 2023 by

oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not the only function that calls util_execSystem.

CVE-2019-15060

February 26, 2023 by

The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field.

CVE-2019-12195

February 26, 2023 by

TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was disconnected. All the users become disconnected from the internet.

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE