Home

Description

Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack and potentially arbitrary code execution under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316, ≤ WR941ND v6 3.16.9 Build 151203.

PUBLISHED Reserved 2025-12-15 | Published 2025-12-18 | Updated 2025-12-19 | Assigner TPLink




MEDIUM: 6.8CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Problem types

CWE-824 Access of Uninitialized Pointer

Product status

Default status
unaffected

Any version
affected

Any version
affected

Credits

VulnCheck reporter

References

www.tp-link.com/us/support/download/tl-wr941nd/

www.tp-link.com/us/support/download/tl-wr940n/v5/

blog.exodusintel.com/...uninitialized-pointer-vulnerability/

www.tp-link.com/us/support/faq/4848/

cve.org (CVE-2025-14739)

nvd.nist.gov (CVE-2025-14739)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.