CVE-2026-9105

Description

An authenticated stack-based buffer overflow vulnerability exists in the web management interface of TP-Link TL-WR841N v14. A remote authenticated attacker can send crafted HTTP requests to cause the embedded web server to overflow a stack buffer, resulting in a crash of the affected process. Successful exploitation results in a denial-of-service condition, causing the device to crash and automatically reboot.

References

• https://www.tp-link.com/en/support/download/tl-wr841n/v14/#Firmware
• https://www.tp-link.com/us/support/download/tl-wr841n/v14/#Firmware
• https://www.tp-link.com/us/support/faq/5152/