CVE-2025-6151

Published Jun 17, 2025

Last updated 2 days ago

CVSS high 8.2

Overview

Description: A vulnerability has been found in TP-Link TL-WR940N V4 and TL-WR841N V11. Affected by this issue is some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm, which may lead to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Source: f23511db-6c3e-4e32-a477-6aa17d310630
NVD status: Modified
CNA Tags: unsupported-when-assigned

Risk scores

CVSS 4.0

Type: Secondary
Base score: 8.2
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: HIGH

Weaknesses

f23511db-6c3e-4e32-a477-6aa17d310630: CWE-119
nvd@nist.gov: CWE-120

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2492A6CA-DFF1-42DC-8800-4A66D8943C33"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:tp-link:tl-wr940n:v4:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2537DC7E-8024-45B5-924C-18C9B702DAFC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 4.0

Weaknesses

Social media

Configurations

References