SQL Injection Vulnerability in TP-Link TL-WR840N Router
CVE-2025-29649

Currently unrated

Key Information:

Vendor: TP-Link
Status: TL-WR840N Router
Vendor: CVE Published:; 16 April 2025

Summary

A SQL Injection vulnerability has been identified in the login dashboard of the TP-Link TL-WR840N router (version 1.0). This flaw permits unauthenticated attackers to execute harmful SQL commands through the username and password input fields. Such exploitation can potentially compromise the integrity of the router's database, leading to unauthorized access and manipulation of sensitive information.

References

https://github.com/TheVeteran1/Vulnerability-Research/blo...

Timeline

Vulnerability published
Apr 16, 2025