EIP-2026-102070

PRE-CVE

TP-Link TL-WR740N - Cross-Site Scripting

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102070. PoCs published by bl00dy.

AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in TP-LINK TL-WR740N routers by injecting malicious HTML into the 'Description' field of the Wireless MAC Filtering feature. The payload is rendered when viewing the Wireless MAC Filtering tab.

Description

TP-Link TL-WR740N - Cross-Site Scripting

Exploits (1)

exploitdb WORKING POC
by bl00dy · textwebappshardware
https://www.exploit-db.com/exploits/43148

This exploit demonstrates a stored XSS vulnerability in TP-LINK TL-WR740N routers by injecting malicious HTML into the 'Description' field of the Wireless MAC Filtering feature. The payload is rendered when viewing the Wireless MAC Filtering tab.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: TP-LINK TL-WR740N - 3.17.0 Build 140520 Rel.75075n
Auth required
Prerequisites: access to the router's admin panel · valid credentials
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026