CVE-2026-3841 | THREATINT

Description

A command injection vulnerability has been identified in the Telnet command-line interface (CLI) of TP-Link TL-MR6400 v5.3. This issue is caused by insufficient sanitization of data processed during specific CLI operations. An authenticated attacker with elevated privileges may be able to execute arbitrary system commands. Successful exploitation may lead to full device compromise, including potential loss of confidentiality, integrity, and availability.

PUBLISHED Reserved 2026-03-09 | Published 2026-03-12 | Updated 2026-03-13 | Assigner TPLink

HIGH: 8.5CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')

Product status

Default status

unaffected

Any version before 1.9.0 Build 260108

affected

Credits

MrBruh finder

References

www.tp-link.com/en/support/download/tl-mr6400/v5.30/ patch

www.tp-link.com/us/support/faq/5016/ vendor-advisory

cve.org (CVE-2026-3841)

nvd.nist.gov (CVE-2026-3841)

Download JSON