CVE-2020-9374

CRITICAL EXPLOITED

TP-Link TL-WR849N 0.9.1 4.16 - Remote Code Execution via Traceroute Shell Metacharacter Injection

Exploitation Summary

CVE-2020-9374 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Elber Tavares.

AI-analyzed exploit summary: This exploit leverages a command injection vulnerability in TP-Link TL-WR849N routers by injecting arbitrary commands into the `host` parameter of a traceroute diagnostic request. It establishes a session with authentication and executes commands via a crafted POST request.

Description

On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.

Exploits (1)

exploitdb WORKING POC
by Elber Tavares · python · webapps · hardware
https://www.exploit-db.com/exploits/48155

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: TP-Link TL-WR849N 0.9.1 4.16
Auth required
Prerequisites: Network access to the router's web interface · Valid authentication credentials for the router
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Third Party Advisory x_refsource_misc
https://fireshellsecurity.team/hack-n-routers/
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/156584/TP-Link-TL-WR849N-Remote-Code-Execution.html

Scores

CVSS v3 9.8
EPSS 0.4205
EPSS Percentile 98.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2026-03-23
CWE CWE-78
Status published
Products (1)
tp-link/tl-wr849n_firmware 0.9.1_4.16
Published Feb 24, 2020
Tracked Since Feb 18, 2026