Description
TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.
Published: 2026-04-23
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Device integrity and availability compromise
Action: Immediate Update
AI Analysis

Impact

TP‑Link TL‑WR841N firmware version 13 implements the TDDPv2 debug protocol with DES‑CBC encryption. The cryptographic key used for this protocol is derived from the device's default web management credentials, making it predictable when the router remains in its stock configuration. An attacker that can reach the router over the local network can use this predictable key to decrypt the debug traffic, read sensitive configuration information, change certain configuration values, and force the device to reboot. The result is a loss of integrity of configuration data and a temporary denial‑of‑service condition. The weakness is a predictable cryptographic key (CWE‑1394).

Affected Systems

TP‑Link TL‑WR841N router running firmware version 13. No other versions are listed, so the vulnerability applies only to the v13 release of the device.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate risk, the EPSS score of less than 1% suggests a low likelihood of exploitation at present. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to be on the same local network as the router and to have connectivity to the debug protocol. Once accessed, the attacker can read and modify debug data, alter configuration settings, and trigger a reboot. Because the weakness stems from a predictable key, any user who has not changed the default credentials is at risk.

Generated by OpenCVE AI on April 28, 2026 at 14:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to the latest version available from TP‑Link that removes the predictable DES key vulnerability
  • Change the default web management credentials to a unique and strong username and password
  • Disable or restrict access to the TDDPv2 debug protocol or block its port using the device’s firewall or network segmentation settings

Generated by OpenCVE AI on April 28, 2026 at 14:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 05 May 2026 14:15:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link tl-wr841n
Tp-link tl-wr841n Firmware
CPEs cpe:2.3:h:tp-link:tl-wr841n:13.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*
Vendors & Products Tp-link tl-wr841n
Tp-link tl-wr841n Firmware
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Tue, 28 Apr 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link
Tp-link tl-wl841n
Vendors & Products Tp-link
Tp-link tl-wl841n

Thu, 23 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 23 Apr 2026 17:30:00 +0000

Type Values Removed Values Added
Description TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.
Title Predictable Default Cryptographic Key Used for DES Encryption in TP-Link TL-WL841N
Weaknesses CWE-1394
References
Metrics cvssV4_0

{'score': 6.1, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Tp-link Tl-wl841n Tl-wr841n Tl-wr841n Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: TPLink

Published:

Updated: 2026-04-28T17:45:30.438Z

Reserved: 2026-03-27T16:26:48.187Z

Link: CVE-2026-5039

cve-icon Vulnrichment

Updated: 2026-04-23T17:40:20.340Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-23T18:16:30.377

Modified: 2026-05-05T14:11:58.700

Link: CVE-2026-5039

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T15:00:14Z

Weaknesses