Description
An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges.
Published: 2026-06-16
Score: 8.5 High
EPSS: 2.8% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An authenticated OS command injection flaw exists in the IPv6 PPPoE configuration handler of TP‑Link TL‑WR940N v6. Unsanitized user input allows an attacker who has administrative rights to inject and execute arbitrary system commands, leading to full system compromise with elevated privileges. The vulnerability directly affects the confidentiality, integrity, and availability of the device and any network resources it manages.

Affected Systems

TP‑Link Systems Inc. product TL‑WR940N v6 is affected. No other products or additional version ranges are listed, so only the v6 firmware revision is vulnerable.

Risk and Exploitability

The CVSS score of 8.5 indicates a high severity. The EPSS score of 3% indicates a low but non‑zero probability of exploitation at the time of analysis. The vulnerability is not present in the CISA KEV catalog. Exploitation requires authenticated administrative access, implying that an attacker must first gain or already possess such access. Once the base privilege is achieved, the attacker can execute arbitrary commands remotely on the router.

Generated by OpenCVE AI on June 19, 2026 at 21:08 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest firmware update for TP‑Link TL‑WR940N v6 from the vendor’s website.
  • Disable the IPv6 PPPoE configuration if the feature is not required, removing the vulnerable code path.
  • Restrict administrative access to a trusted local network or VPN, limiting the attack surface for authenticated users.

Generated by OpenCVE AI on June 19, 2026 at 21:08 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link
Tp-link tl-wr940n V6
Vendors & Products Tp-link
Tp-link tl-wr940n V6

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 22:00:00 +0000

Type Values Removed Values Added
Description An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges.
Title OS Command Injection in IPv6 PPPoE Configuration in TP-Link TL-WR940N
Weaknesses CWE-78
References
Metrics cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


Subscriptions

Tp-link Tl-wr940n V6
cve-icon MITRE

Status: PUBLISHED

Assigner: TPLink

Published:

Updated: 2026-06-18T03:56:11.660Z

Reserved: 2026-06-05T18:37:11.242Z

Link: CVE-2026-11409

cve-icon Vulnrichment

Updated: 2026-06-17T14:35:26.733Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T09:42:39Z

Weaknesses
  • CWE-78

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')