HIGHCVE-2026-3622Published Modified CNA TPLink
CVE-2026-3622: Denial-of-Service Vulnerability in UPnP Component of TP Link's TL-WR841N
The vulnerability exists in the UPnP component of TL-WR841N v14, where improper input validation leads to an out-of-bounds read, potentially causing a crash of the UPnP service. Successful exploitation can cause the UPnP service to crash, resulting in a Denial-of-Service condition. This vulnerability affects TL-WR841N v14 < EN_0.9.1 4.19 Build 260303 Rel.42399n (V14_260303) and < US_0.9.1.4.19 Build 260312 Rel. 49108n (V14_0304).
Metrics
- CVSS v4.0
- 7.1
- Severity
- HIGH
- Fixed in
- 0.9.1 4.19
- Affected Products
- 1
Affected packages
- TP-Link Systems Inc. / TL-WR841N v14< 0.9.1 4.19 (from 0)
CVSS Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:NReferences