TP-Link TL-WR840N Router SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in the TP-Link TL-WR840N router, version 1.0. This vulnerability allows an unauthenticated attacker to inject malicious SQL statements through the username and password fields on the login dashboard. The issue arises because the input fields do not properly sanitize user input, enabling SQL injection attacks that could bypass authentication.

Impact

Exploitation of this vulnerability allows for SQL injection, which could be used to manipulate the router's database, potentially leading to unauthorized access or modification of data.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

5.0

exploitability

7.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

5.0

exploitability

7.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TP-Link TL-WR840N Router SQL Injection Vulnerability

Vulnerability

Impact

Affected Products

TP-Link TL-WR840N

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating