DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

No data.

No data.

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-11548 DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

No reference.

History

Mon, 16 Jun 2025 22:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-89
CPEs cpe:2.3:h:tp-link:tl-wr840n:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-wr840n_firmware:1.0:*:*:*:*:*:*:*
Vendors & Products Tp-link
Tp-link tl-wr840n
Tp-link tl-wr840n Firmware
References
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

Mon, 16 Jun 2025 22:15:00 +0000

Type Values Removed Values Added
Description SQL Injection vulnerability exists in the TP-Link TL-WR840N router s login dashboard (version 1.0), allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields. NOTE: this is disputed because the issue can only be reproduced on a supplier-provided emulator, where access control is intentionally absent for ease of functional testing. DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 24 Apr 2025 13:15:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link
Tp-link tl-wr840n
Tp-link tl-wr840n Firmware
CPEs cpe:2.3:h:tp-link:tl-wr840n:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-wr840n_firmware:1.0:*:*:*:*:*:*:*
Vendors & Products Tp-link
Tp-link tl-wr840n
Tp-link tl-wr840n Firmware

Wed, 23 Apr 2025 23:45:00 +0000

Type Values Removed Values Added
Description SQL Injection vulnerability exists in the TP-Link TL-WR840N router s login dashboard (version 1.0), allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields. SQL Injection vulnerability exists in the TP-Link TL-WR840N router s login dashboard (version 1.0), allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields. NOTE: this is disputed because the issue can only be reproduced on a supplier-provided emulator, where access control is intentionally absent for ease of functional testing.

Wed, 16 Apr 2025 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-89
Metrics cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 16 Apr 2025 19:45:00 +0000

Type Values Removed Values Added
Description SQL Injection vulnerability exists in the TP-Link TL-WR840N router s login dashboard (version 1.0), allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields.
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: REJECTED

Assigner: mitre

Published:

Updated: 2025-06-16T21:57:22.830Z

Reserved: 2025-03-11T00:00:00.000Z

Link: CVE-2025-29649

cve-icon Vulnrichment

Updated:

cve-icon NVD

Status : Rejected

Published: 2025-04-16T20:15:17.563

Modified: 2025-06-16T22:15:55.553

Link: CVE-2025-29649

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses

No weakness.