Back to KEVs

CVE-2023-50224

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability

Basic Information

CVE State
PUBLISHED
Reserved Date
December 05, 2023
Published Date
May 03, 2024
Last Updated
October 21, 2025
Vendor
TP-Link
Product
TL-WR841N
Description
TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. . Was ZDI-CAN-19899.
Tags
cisa

CVSS Scores

CVSS v3.0

6.5 - MEDIUM

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

SSVC Information

Exploitation
active
Technical Impact
partial

Exploit Status

Exploited in the Wild
Yes (2026-06-01 10:40:01 UTC) Source

References

https://www.zerodayinitiative.com/advisories/ZDI-23-1808/ https://www.tp-link.com/en/support/download/tl-wr841n/v12/#Firmware

Known Exploited Vulnerability Information

Source Added Date
CVE 2026-06-01 10:40:01 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel