Description
TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via WlanSecurityRpm.htm by tricking authenticated users into visiting attacker-controlled pages.
Published: 2026-05-17
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A cross‑site request forgery flaw in TP‑Link TL‑WR720N routers lets an attacker forge administrative requests to alter network settings such as port forwarding rules and Wi‑Fi security options. By tricking a user who is already logged into the router, the attacker can modify the router’s configuration without permission, potentially redirecting traffic, exposing devices, or disabling wireless protection. The primary impact is a breakdown of the integrity and availability of the local network, as the attacker gains the ability to reconfigure key router functions.

Affected Systems

All versions of the TP‑Link TL‑WR720N wireless N router are affected.

Risk and Exploitability

The CVSS score of 5.3 indicates a medium severity impact, and EPSS data is not available, so the likelihood of exploitation is uncertain. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires a victim to be logged into the router’s web interface and to visit a malicious page crafted by the attacker; the attack vector is therefore web‑based and depends on social‑engineering of an authenticated user.

Generated by OpenCVE AI on May 17, 2026 at 13:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to a version that includes the CSRF fix (for example, version 1.13.07.19 or later as distributed by TP‑Link)
  • Configure the router so that administrative sessions require fresh login credentials for each session and set a short session timeout to limit persistent access
  • Disable remote management of the router and restrict access to the web interface to the local network only, reducing the attack surface for CSRF


Advisories

No advisories yet.

History

Sun, 17 May 2026 18:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Tp-link; Tp-link tl-wr720nmbps Wireless N Router
Vendors & Products | | Tp-link; Tp-link tl-wr720nmbps Wireless N Router

Sun, 17 May 2026 12:30:00 +0000

Type | Values Removed | Values Added
Description | | TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via WlanSecurityRpm.htm by tricking authenticated users into visiting attacker-controlled pages.
Title | | TP-Link TL-WR720N All Versions CSRF via Administrative Interfaces
Weaknesses | | CWE-352
References | |
Metrics | | cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}; cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-17T12:11:28.176Z

Reserved: 2026-05-17T11:36:55.327Z

Link: CVE-2018-25321

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-17T13:16:43.403

Modified: 2026-05-17T13:16:43.403

Link: CVE-2018-25321

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-17T17:00:14Z
