Tp-Link: >> Tl-Wr802n >> v4 Security Vulnerabilities
A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. In the router configuration import function allows an authenticated attacker to upload a crafted configuration file that results in execution of OS commands with root privileges during port-trigger processing.
Successful exploitation allows an authenticated attacker to execute system commands with root privileges, leading to full device compromise.
CVSS Score
8.5
EPSS Score
0.005
Published
2026-03-16
TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS command injection.
CVSS Score
8.8
EPSS Score
0.017
Published
2021-12-23
TP-Link TL-WR802N(US), Archer_C50v5_US v4_200 <= 2020.06 contains a buffer overflow vulnerability in the httpd process in the body message. The attack vector is: The attacker can get shell of the router by sending a message through the network, which may lead to remote code execution.
CVSS Score
8.1
EPSS Score
0.101
Published
2021-04-12