Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for TL-WL841N v13 by TP-Link Systems Inc.

    CVE-2026-5039 (GCVE-0-2026-5039)

    Vulnerability from nvd – Published: 2026-04-23 16:10 – Updated: 2026-04-28 17:45
    VLAI
    Title
    Predictable Default Cryptographic Key Used for DES Encryption in TP-Link TL-WL841N
    Summary
    TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1394 - Use of default cryptographic key
    Assigner
    References
    Impacted products
    Vendor Product Version
    TP-Link Systems Inc. TL-WL841N v13 Affected: 0 , < 0.9.1 Build 20231120 Rel.62366 (custom)
    Create a notification for this product.
    Credits
    Ben Grinberg, Adiel Sol, Daniel Lubel, Erez Cohen, Nir Somech, Arad Inbar, Dream Group
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5039",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-23T17:38:11.142339Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-23T17:40:28.657Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "TL-WL841N v13",
              "vendor": "TP-Link Systems Inc.",
              "versions": [
                {
                  "lessThan": "0.9.1 Build 20231120 Rel.62366",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ben Grinberg, Adiel Sol, Daniel Lubel, Erez Cohen, Nir Somech, Arad Inbar, Dream Group"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eTP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.\u003c/div\u003e"
                }
              ],
              "value": "TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-70",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-70 Try Common or Default Usernames and Passwords"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "ADJACENT",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1394",
                  "description": "CWE-1394 Use of default cryptographic key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T17:45:30.438Z",
            "orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
            "shortName": "TPLink"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.tp-link.com/us/support/download/tl-wr841n/v13/#Firmware"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Predictable Default Cryptographic Key Used for DES Encryption in TP-Link TL-WL841N",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
        "assignerShortName": "TPLink",
        "cveId": "CVE-2026-5039",
        "datePublished": "2026-04-23T16:10:13.269Z",
        "dateReserved": "2026-03-27T16:26:48.187Z",
        "dateUpdated": "2026-04-28T17:45:30.438Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5039 (GCVE-0-2026-5039)

    Vulnerability from cvelistv5 – Published: 2026-04-23 16:10 – Updated: 2026-04-28 17:45
    VLAI
    Title
    Predictable Default Cryptographic Key Used for DES Encryption in TP-Link TL-WL841N
    Summary
    TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1394 - Use of default cryptographic key
    Assigner
    References
    Impacted products
    Vendor Product Version
    TP-Link Systems Inc. TL-WL841N v13 Affected: 0 , < 0.9.1 Build 20231120 Rel.62366 (custom)
    Create a notification for this product.
    Credits
    Ben Grinberg, Adiel Sol, Daniel Lubel, Erez Cohen, Nir Somech, Arad Inbar, Dream Group
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5039",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-23T17:38:11.142339Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-23T17:40:28.657Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "TL-WL841N v13",
              "vendor": "TP-Link Systems Inc.",
              "versions": [
                {
                  "lessThan": "0.9.1 Build 20231120 Rel.62366",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Ben Grinberg, Adiel Sol, Daniel Lubel, Erez Cohen, Nir Somech, Arad Inbar, Dream Group"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003eTP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.\u003c/div\u003e"
                }
              ],
              "value": "TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-70",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-70 Try Common or Default Usernames and Passwords"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "ADJACENT",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1394",
                  "description": "CWE-1394 Use of default cryptographic key",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T17:45:30.438Z",
            "orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
            "shortName": "TPLink"
          },
          "references": [
            {
              "tags": [
                "patch"
              ],
              "url": "https://www.tp-link.com/us/support/download/tl-wr841n/v13/#Firmware"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Predictable Default Cryptographic Key Used for DES Encryption in TP-Link TL-WL841N",
          "x_generator": {
            "engine": "Vulnogram 1.0.1"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
        "assignerShortName": "TPLink",
        "cveId": "CVE-2026-5039",
        "datePublished": "2026-04-23T16:10:13.269Z",
        "dateReserved": "2026-03-27T16:26:48.187Z",
        "dateUpdated": "2026-04-28T17:45:30.438Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }