Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-25427

A stored cross-site scripting (XSS) vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 <= Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload when the upnp page is loaded.

Published

2025-04-18T01:15:32.427

Last Modified

2025-07-09T17:35:24.770

Status

Analyzed

Source

f23511db-6c3e-4e32-a477-6aa17d310630

Severity

CVSSv3.1: 5.4 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	tp-link	wr841n_firmware	≤ 241230	Yes
Hardware	tp-link	wr841n	14	No
Hardware	tp-link	wr841n	14.6	No
Hardware	tp-link	wr841n	14.8	No

References

https://github.com/slin99/2025-25427 Exploit, Third Party Advisory (f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.tp-link.com/us/support/download/tl-wr841n/#Firmware Product (f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.tp-link.com/us/support/faq/4415/ Vendor Advisory (f23511db-6c3e-4e32-a477-6aa17d310630)
https://github.com/slin99/2025-25427/blob/master/readme.md Exploit, Third Party Advisory (134c704f-9b21-4f2e-91b3-4a467353bcc0)