Primary

Context

TP-Link TL-WR841N Web Portal Null Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

Patched

A null pointer dereference vulnerability has been identified in the web portal of the TP-Link TL-WR841N router, specifically in version 14 prior to 250908. This vulnerability arises from inadequate input validation in the referer header check, allowing remote, unauthenticated attackers to exploit the flaw and cause a denial-of-service condition on the web portal service.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition on the web portal service, causing it to become unresponsive or unavailable.

Remediation

Users are advised to upgrade to the latest firmware version 250908 or later. The firmware can be downloaded from the TP-Link support website for the respective region.

Added: Jan 15, 2026, 6:20 PM

Updated: Jan 15, 2026, 6:20 PM

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

2.5

exploitability

6.3

remediation

7.7

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.1

impact

2.5

exploitability

6.3

remediation

7.7

relevance

2.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TP-Link TL-WR841N Web Portal Null Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

TP-Link TL-WR841N

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating