Back to KEVs

CVE-2018-11714

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0...

Basic Information

CVE State
PUBLISHED
Reserved Date
June 04, 2018
Published Date
June 04, 2018
Last Updated
September 16, 2024
Vendor
n/a
Product
n/a
Description
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action.

CVSS Scores

CVSS v3.0

9.8 - CRITICAL

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0

10.0

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploit Status

Exploited in the Wild
Yes (2026-01-26 00:00:00 UTC) Source

References

http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router/ https://www.exploit-db.com/exploits/44781/

Known Exploited Vulnerability Information

Source Added Date
The Shadowserver (via CIRCL) 2026-01-26 00:00:00 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel