Description
TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via WlanSecurityRpm.htm by tricking authenticated users into visiting attacker-controlled pages.
Published: 2026-05-17
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A cross‑site request forgery flaw in TP‑Link TL‑WR720N routers lets an attacker forge administrative requests to alter network settings such as port forwarding rules and Wi‑Fi security options. By tricking a user who is already logged into the router, the attacker can modify the router’s configuration without permission, potentially redirecting traffic, exposing devices, or disabling wireless protection. The primary impact is breakdown of integrity and availability of the local network, as the attacker gains the ability to reconfigure key router functions.

Affected Systems

All versions of the TP‑Link TL‑WR720N wireless N router are affected.

Risk and Exploitability

The CVSS score of 5.3 indicates a medium severity impact, and EPSS data is not available, so the likelihood of exploitation is uncertain. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires a victim to be logged into the router’s web interface and to visit a malicious page crafted by the attacker; the attack vector is therefore web‑based and depends on social‑engineering of an authenticated user.

Generated by OpenCVE AI on May 17, 2026 at 13:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to a version that includes the CSRF fix (for example, version 1.13.07.19 or later as distributed by TP‑Link)
  • Configure the router so that administrative sessions require fresh login credentials for each session and set a short session timeout to limit persistent access
  • Disable remote management of the router and restrict access to the web interface to the local network only, reducing the attack surface for CSRF

Generated by OpenCVE AI on May 17, 2026 at 13:51 UTC.

Advisories

No advisories yet.

History

Tue, 26 May 2026 13:45:00 +0000

Type | Values Removed | Values Added
Title | TP-Link TL-WR720N V1_130719 CSRF via Administrative Interfaces | TP-Link TL-WR720N CSRF via Administrative Interfaces (firmware V1_130719)

Tue, 26 May 2026 00:00:00 +0000

Type | Values Removed | Values Added
Title | TP-Link TL-WR720N All Versions CSRF via Administrative Interfaces | TP-Link TL-WR720N V1_130719 CSRF via Administrative Interfaces

Mon, 18 May 2026 18:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Tp-link tl-wr720n; Tp-link tl-wr720n Firmware
CPEs | | cpe:2.3:h:tp-link:tl-wr720n:-:*:*:*:*:*:*:*; cpe:2.3:o:tp-link:tl-wr720n_firmware:*:*:*:*:*:*:*:*
Vendors & Products | | Tp-link tl-wr720n; Tp-link tl-wr720n Firmware

Mon, 18 May 2026 18:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 17 May 2026 18:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Tp-link; Tp-link tl-wr720nmbps Wireless N Router
Vendors & Products | | Tp-link; Tp-link tl-wr720nmbps Wireless N Router

Sun, 17 May 2026 12:30:00 +0000

Type | Values Removed | Values Added
Description | | TP-Link TL-WR720N wireless router contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious web requests. Attackers can modify port forwarding rules via VirtualServerRpm.htm or change WiFi security settings via WlanSecurityRpm.htm by tricking authenticated users into visiting attacker-controlled pages.
Title | | TP-Link TL-WR720N All Versions CSRF via Administrative Interfaces
Weaknesses | | CWE-352
References | |
Metrics | | cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}; cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-26T11:51:35.665Z

Reserved: 2026-05-17T11:36:55.327Z

Link: CVE-2018-25321

Vulnrichment

Updated: 2026-05-18T16:43:10.999Z

NVD

Status: Analyzed

Published: 2026-05-17T13:16:43.403

Modified: 2026-05-18T18:34:55.360

Link: CVE-2018-25321

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-17T17:00:14Z

Weaknesses
  • CWE-352: Cross-Site Request Forgery (CSRF)