CVE-2020-8423

HIGH

TP-Link TL-WR841N V10 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-8423. PoCs published by lnversed.

AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2020-8423, leveraging a custom `hook.c` file to intercept and manipulate system calls via LD_PRELOAD. The exploit targets a vulnerability in MIPS-based routers running Linux kernel 2.6.31, likely involving improper handling of file operations or command execution.

Description

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.

Exploits (1)

nomisec WORKING POC 1 stars
by lnversed · poc
https://github.com/lnversed/CVE-2020-8423

This repository contains a functional exploit PoC for CVE-2020-8423, leveraging a custom `hook.c` file to intercept and manipulate system calls via LD_PRELOAD. The exploit targets a vulnerability in MIPS-based routers running Linux kernel 2.6.31, likely involving improper handling of file operations or command execution.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: MIPS-based routers with Linux kernel 2.6.31
No auth needed
Prerequisites: Access to the target system to inject the shared library via LD_PRELOAD · MIPS-based router with vulnerable kernel version
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.tp-link.com/us/security
Exploit, Third Party Advisory x_refsource_misc
https://ktln2.org/2020/03/29/exploiting-mips-router/

Scores

CVSS v3 7.2
EPSS 0.0935
EPSS Percentile 94.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-120
Status published
Products (1)
tp-link/tl-wr841n_firmware 3.16.9
Published Apr 02, 2020
Tracked Since Feb 18, 2026