CVE-2024-57040

Critical CVSS: 9.8

TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded password for the root account which can be obtained by analyzing downloaded firmware or via a brute force attack through physical access to the router.

Vendor

Tp-link

Product

Tl-wr845n Firmware

CWE

CWE-798

Yayın Tarihi

2025-02-26 22:15:14

Güncelleme

2025-04-07 18:29:36

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-798 Tl-wr845n Firmware CRITICAL Tp-link 2025

Referanslar

https://security.iiita.ac.in/iot/hashed_password.pdf

Benzer Kayıtlar

High

CVE-2026-34122

A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling c…

High

CVE-2026-34124

A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic.…

High

CVE-2026-34118

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logi…

High

CVE-2026-34119

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when…

High

CVE-2026-34120

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of…

High

CVE-2026-34121

An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v…