CVE-2021-41653

CRITICAL EXPLOITED IN THE WILD NUCLEI

Tp-link Tl-wr840n Firmware - Code Injection

Title source: rule

Description

The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.

Exploits (2)

nomisec WORKING POC

by likeww · remote

https://github.com/likeww/CVE-2021-41653

View Code ZIP pw:eip

inthewild

poc

https://github.com/ohnonoyesyes/cve-2021-41653

View on inthewild

Nuclei Templates (1)

TP-Link - OS Command Injection

CRITICALby gy741

References (3)

[Vendor Advisory] http://tp-link.com

[Exploit, Third Party Advisory] https://k4m1ll0.com/cve-2021-41653.html

[Vendor Advisory] https://www.tp-link.com/us/press/security-advisory/

Scores

CVSS v3 9.8

EPSS 0.9191

EPSS Percentile 99.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2021-12-08

InTheWild.io 2021-12-08

CWE

CWE-94

Status published

Products (1)

tp-link/tl-wr840n_firmware < tl-wr840n\(eu\)_v5_171211

Published Nov 13, 2021

Tracked Since Feb 18, 2026