Tp-link Tl-wr840n Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Tp-link Tl-wr840n Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2022-25061 — CVSS 9.8 (critical): TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute.
CVE-2022-25064 — CVSS 9.8 (critical): TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function…
CVE-2020-36178 — CVSS 9.8 (critical): oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from…
CVE-2018-11714 — CVSS 9.8 (critical): An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16…
CVE-2021-41653 — CVSS 9.8 (critical): The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code…
CVE-2022-25060 — CVSS 9.8 (critical): TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing.
CVE-2019-15060 — CVSS 8.8 (high): The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a…
CVE-2022-25062 — CVSS 7.5 (high): TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows…
CVE-2018-15840 — CVSS 7.5 (high): TP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated…
CVE-2022-26640 — CVSS 7.2 (high): TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter.
CVE-2022-26642 — CVSS 7.2 (high): TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter.
CVE-2021-46122 — CVSS 7.2 (high): Tp-Link TL-WR840N (EU) v6.20 Firmware (0.9.1 4.17 v0001.0 Build 201124 Rel.64328n) is vulnerable to Buffer Overflow via the Password reset…
CVE-2022-26639 — CVSS 7.2 (high): TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter.
CVE-2022-26641 — CVSS 7.2 (high): TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter.
CVE-2026-3227 — CVSS 6.8 (medium): A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of…
CVE-2022-29402 — CVSS 6.8 (medium): TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to…
CVE-2014-9510 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27…
CVE-2019-12195 — CVSS 4.8 (medium): TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and…