Tl-wr840n firmware
This hub aggregates every CVE we track for Tl-wr840n firmware, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
21
CVEs tracked
6
Critical
10
High
0
In CISA KEV
Severity distribution
HIGH10CRITICAL6MEDIUM5
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Tl-wr840n firmware.
- CVE-2026-3227Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N6.8
- CVE-2023-39471TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability8.8
- CVE-2022-29402TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. This vulnerability allows attackers to connect to the UART port via a serial connection and execute c...6.8
- CVE-2021-46122Tp-Link TL-WR840N (EU) v6.20 Firmware (0.9.1 4.17 v0001.0 Build 201124 Rel.64328n) is vulnerable to Buffer Overflow via the Password reset feature.7.2
- CVE-2022-26642TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter.7.2
- CVE-2022-26641TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter.7.2
- CVE-2022-26640TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter.7.2
- CVE-2022-26639TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter.7.2
- CVE-2022-25061TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute.9.8
- CVE-2022-25064TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr.9.8
- CVE-2022-25062TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafte...7.5
- CVE-2022-25060TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing.9.8
- CVE-2021-41653The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.9.8
- CVE-2021-29280In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer overflow6.4
- CVE-2020-36178oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly f...9.8
Product normalization is registry-driven with AI assist and human review. How it works