Description
The vulnerability exists in the UPnP component of TL-WR841N v14, where improper input validation leads to an out-of-bounds read, potentially causing a crash of the UPnP service.

Successful exploitation can cause the UPnP service to crash, resulting in a Denial-of-Service condition. 
This vulnerability affects TL-WR841N v14 < EN_0.9.1 4.19 Build 260303 Rel.42399n (V14_260303) and < US_0.9.1.4.19 Build 260312 Rel. 49108n (V14_0304).
Published: 2026-03-26
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Immediate Patch
AI Analysis

Impact

The vulnerability arises from improper validation of UPnP input on TP‑Link TL‑Wr841n routers running firmware v14. Malformed data can trigger an out‑of‑bounds read, causing the UPnP daemon to crash. As a result, the device’s UPnP functionality becomes unavailable, effectively denying legitimate network traffic that relies on UPnP discovery or configuration. The weakness is a classic buffer overread (CWE‑125).

Affected Systems

Attackers can impact TP‑Link TL‑Wr841n routers with firmware versions before EN_0.9.1 4.19 Build 260303 Rel.42399n (V14_260303) and before US_0.9.1.4.19 Build 260312 Rel.49108n (V14_0304). They are all identified as product TL‑Wr841n version 14 and are issued by TP‑Link Systems Inc.

Risk and Exploitability

The CVSS base score of 7.1 conveys high severity, while the EPSS score indicates that active exploitation is unlikely to be widespread (<1 %). The vulnerability is not part of the CISA KEV catalog. Exploitation requires network access to the UPnP port and a crafted request. A successful exploit would continuously bring the UPnP service down, causing a denial of service that affects only the router’s service layer and not the underlying firmware. While the impact does not lead to code execution, repeated service crashes can degrade network usability for affected users.

Generated by OpenCVE AI on April 1, 2026 at 03:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware release from TP‑Link that includes the UPnP fix.
  • If no patch is available yet, disable the UPnP service via the router’s administrative interface.
  • Configure the router firewall to block incoming UPnP traffic as a temporary protection.
  • Monitor the router logs for UPnP crash events and confirm service stability after remediation.

Generated by OpenCVE AI on April 1, 2026 at 03:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 31 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link tl-wr841n
Tp-link tl-wr841n Firmware
CPEs cpe:2.3:h:tp-link:tl-wr841n:14:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*
Vendors & Products Tp-link tl-wr841n
Tp-link tl-wr841n Firmware
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Sat, 28 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 27 Mar 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link
Tp-link tl-wr841n V14
Vendors & Products Tp-link
Tp-link tl-wr841n V14

Thu, 26 Mar 2026 21:00:00 +0000

Type Values Removed Values Added
Description The vulnerability exists in the UPnP component of TL-WR841N v14, where improper input validation leads to an out-of-bounds read, potentially causing a crash of the UPnP service. Successful exploitation can cause the UPnP service to crash, resulting in a Denial-of-Service condition.  This vulnerability affects TL-WR841N v14 < EN_0.9.1 4.19 Build 260303 Rel.42399n (V14_260303) and < US_0.9.1.4.19 Build 260312 Rel. 49108n (V14_0304).
Title Denial-of-Service Vulnerability in UPnP Component of TP Link's TL-WR841N
Weaknesses CWE-125
References
Metrics cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Tp-link Tl-wr841n Tl-wr841n Firmware Tl-wr841n V14
cve-icon MITRE

Status: PUBLISHED

Assigner: TPLink

Published:

Updated: 2026-03-27T19:39:21.225Z

Reserved: 2026-03-06T00:09:48.566Z

Link: CVE-2026-3622

cve-icon Vulnrichment

Updated: 2026-03-27T19:30:53.009Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-26T21:17:09.697

Modified: 2026-03-31T19:09:04.387

Link: CVE-2026-3622

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-02T07:56:20Z

Weaknesses