Back to KEVs

CVE-2023-33538

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component...

Basic Information

CVE State: PUBLISHED
Reserved Date: May 22, 2023
Published Date: June 07, 2023
Last Updated: June 17, 2025
Vendor: TP-Link
Product: TL-WR940N, TL-WR841N, TL-WR740N
Description: TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .
Tags

CVSS Scores

CVSS v3.1

8.8 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Score: 89.65% (Percentile: 99.52%) as of 2025-06-20

SSVC Information

Exploitation: none
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2025-06-16 17:15:25 UTC) Source

References

https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/3/TL-WR940N_TL-WR841N_userRpm_WlanNetworkRpm_Command_Injection.md https://web.archive.org/web/20230609111043/https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/3/TL-WR940N_TL-WR841N_userRpm_WlanNetworkRpm_Command_Injection.md

Known Exploited Vulnerability Information

Source	Added Date
CISA	2025-06-16 17:15:14 UTC

Recent Mentions

TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert

Source: TheHackerNews • Published: 2025-06-17 08:12:00 UTC

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.  The vulnerability in question is CVE-2023-33538 (CVSS score: 8.8), a command injection bug that could result in the execution of arbitrary system commands when

Timeline

CVE ID Reserved

May 22, 2023
CVE Published to Public

June 07, 2023
Added to KEVIntel

June 16, 2025