TP-Link TL-WR840N Firmware 0.9.1 3.16
Approved changes feed: RSS · Atom
cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1_3.16:*:*:*:*:*:*:*
part: o version: 0.9.1_3.16 update: *
| Vendor | Tp Link (0b2e1553-ac8b-5981-a60b-ca6c27ee3a6e) |
|---|---|
| Product | Tl Wr840N Firmware (f076e417-2b20-5026-872a-5f975da31dfe) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2019-12195 |
vulnerable | 2026-06-03 14:39:34.407365 |
Details available
TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was disconnected. All the users become disconnected from the internet.
Published: 2019-05-24T15:24:45.000Z
Updated: 2024-08-04T23:10:30.807Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-11714 |
vulnerable | 2026-06-03 14:38:01.832962 |
Details available
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action.
Published: 2018-06-04T14:00:00.000Z
Updated: 2024-09-16T23:25:29.762Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.