Search
Find a vulnerability
Search criteria
2 vulnerabilities found for WR940N and WR941ND by TP-Link Systems Inc.
CVE-2025-14739 (GCVE-0-2025-14739)
Vulnerability from nvd – Published: 2025-12-18 18:02 – Updated: 2026-02-26 16:07 Unsupported When Assigned
VLAI
Title
Uninitialized Pointer Vulnerability in TP-Link WR940N and WR941ND
Summary
Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack
and potentially arbitrary code execution
under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316,
≤
WR941ND v6 3.16.9 Build 151203.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link Systems Inc. | WR940N and WR941ND |
Affected:
0 , ≤ WR940N v5 3.20.1 Build 200316
(custom)
Affected: 0 , ≤ WR941ND v6 3.16.9 Build 151203 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T04:55:46.816730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:27.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WR940N and WR941ND",
"vendor": "TP-Link Systems Inc.",
"versions": [
{
"lessThanOrEqual": "WR940N v5 3.20.1 Build 200316",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "WR941ND v6 3.16.9 Build 151203",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "VulnCheck"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows\u0026nbsp;local unauthenticated attackers the ability to execute DoS attack \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand potentially arbitrary code execution\u003c/span\u003e\n\nunder the context of the \u2018root\u2019 user.\u003cp\u003eThis issue affects WR940N and WR941ND: \u2264 WR940N v5 3.20.1 Build 200316, \n\n\u2264\n\n WR941ND v6 3.16.9 Build 151203.\u003c/p\u003e"
}
],
"value": "Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows\u00a0local unauthenticated attackers the ability to execute DoS attack \n\nand potentially arbitrary code execution\n\nunder the context of the \u2018root\u2019 user.This issue affects WR940N and WR941ND: \u2264 WR940N v5 3.20.1 Build 200316, \n\n\u2264\n\n WR941ND v6 3.16.9 Build 151203."
}
],
"impacts": [
{
"capecId": "CAPEC-129",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-129 Pointer Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T19:37:03.298Z",
"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"shortName": "TPLink"
},
"references": [
{
"url": "https://www.tp-link.com/us/support/download/tl-wr941nd/#Firmware"
},
{
"url": "https://www.tp-link.com/us/support/download/tl-wr940n/v5/#Firmware"
},
{
"url": "https://blog.exodusintel.com/2022/06/23/tp-link-wr940n-wr941nd-uninitialized-pointer-vulnerability/"
},
{
"url": "https://www.tp-link.com/us/support/faq/4848/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Uninitialized Pointer Vulnerability in TP-Link WR940N and WR941ND",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"assignerShortName": "TPLink",
"cveId": "CVE-2025-14739",
"datePublished": "2025-12-18T18:02:04.697Z",
"dateReserved": "2025-12-15T18:35:29.224Z",
"dateUpdated": "2026-02-26T16:07:27.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14739 (GCVE-0-2025-14739)
Vulnerability from cvelistv5 – Published: 2025-12-18 18:02 – Updated: 2026-02-26 16:07 Unsupported When Assigned
VLAI
Title
Uninitialized Pointer Vulnerability in TP-Link WR940N and WR941ND
Summary
Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack
and potentially arbitrary code execution
under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316,
≤
WR941ND v6 3.16.9 Build 151203.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-824 - Access of Uninitialized Pointer
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link Systems Inc. | WR940N and WR941ND |
Affected:
0 , ≤ WR940N v5 3.20.1 Build 200316
(custom)
Affected: 0 , ≤ WR941ND v6 3.16.9 Build 151203 (custom) |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14739",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T04:55:46.816730Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:07:27.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WR940N and WR941ND",
"vendor": "TP-Link Systems Inc.",
"versions": [
{
"lessThanOrEqual": "WR940N v5 3.20.1 Build 200316",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "WR941ND v6 3.16.9 Build 151203",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "VulnCheck"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows\u0026nbsp;local unauthenticated attackers the ability to execute DoS attack \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eand potentially arbitrary code execution\u003c/span\u003e\n\nunder the context of the \u2018root\u2019 user.\u003cp\u003eThis issue affects WR940N and WR941ND: \u2264 WR940N v5 3.20.1 Build 200316, \n\n\u2264\n\n WR941ND v6 3.16.9 Build 151203.\u003c/p\u003e"
}
],
"value": "Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows\u00a0local unauthenticated attackers the ability to execute DoS attack \n\nand potentially arbitrary code execution\n\nunder the context of the \u2018root\u2019 user.This issue affects WR940N and WR941ND: \u2264 WR940N v5 3.20.1 Build 200316, \n\n\u2264\n\n WR941ND v6 3.16.9 Build 151203."
}
],
"impacts": [
{
"capecId": "CAPEC-129",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-129 Pointer Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T19:37:03.298Z",
"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"shortName": "TPLink"
},
"references": [
{
"url": "https://www.tp-link.com/us/support/download/tl-wr941nd/#Firmware"
},
{
"url": "https://www.tp-link.com/us/support/download/tl-wr940n/v5/#Firmware"
},
{
"url": "https://blog.exodusintel.com/2022/06/23/tp-link-wr940n-wr941nd-uninitialized-pointer-vulnerability/"
},
{
"url": "https://www.tp-link.com/us/support/faq/4848/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Uninitialized Pointer Vulnerability in TP-Link WR940N and WR941ND",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"assignerShortName": "TPLink",
"cveId": "CVE-2025-14739",
"datePublished": "2025-12-18T18:02:04.697Z",
"dateReserved": "2025-12-15T18:35:29.224Z",
"dateUpdated": "2026-02-26T16:07:27.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}