CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25897
https://notcve.org/view.php?id=CVE-2025-25897
13 Feb 2025 — A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the 'ip' parameter at /userRpm/WanStaticIpV6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. • https://github.com/2664521593/mycve/blob/main/TP-Link/BOF_in_TP-Link_TL-WR841ND-V11_3.pdf •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25898
https://notcve.org/view.php?id=CVE-2025-25898
13 Feb 2025 — A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the pskSecret parameter at /userRpm/WlanSecurityRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. • https://github.com/2664521593/mycve/blob/main/TP-Link/BOF_in_TP-Link_TL-WR841ND-V11_1.pdf •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25901
https://notcve.org/view.php?id=CVE-2025-25901
13 Feb 2025 — A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11, triggered by the dnsserver1 and dnsserver2 parameters at /userRpm/WanSlaacCfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. Se ha descubierto una vulnerabilidad de desbordamiento de buffer en TP-Link TL-WR841ND V11, causada por los parámetros dnsserver1 y dnsserver2 en /userRpm/WanSlaacCfgRpm.htm. Esta vulnerabilidad permite a los atacantes ocasionar una denegación de servicio (Do... • https://github.com/2664521593/mycve/blob/main/TP-Link/BOF_in_TP-Link_TL-WR841ND-V11_5.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9284 – TP-LINK TL-WR841ND popupSiteSurveyRpm.htm stack-based overflow
https://notcve.org/view.php?id=CVE-2024-9284
27 Sep 2024 — A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be launched remotely. • https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TP-LINK/WR-841ND/popupSiteSurveyRpm.md • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-46912
https://notcve.org/view.php?id=CVE-2022-46912
20 Dec 2022 — An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image. Un problema en el proceso de actualización de firmware de TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 y anteriores permite a atacantes ejecutar código arbitrario o provocar una Denegación de Servicio (DoS) mediante la carga de una imagen de firmware manipulada. • https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/Sk6sfbTPi •
CVSS: 7.8EPSS: 94%CPEs: 26EXPL: 5CVE-2015-3035 – TP-Link Multiple Archer Devices Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2015-3035
10 Apr 2015 — Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot)... • https://packetstorm.news/files/id/180649 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •