CVE-2021-26827

Published: Apr 14, 2021Modified: Jun 17, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router.

Affected (1)

Products: Tp Link: Tl Wr2041+ Firmware

1 product

Tl Wr2041+ Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Tl Wr2041+ Firmware	All versions

Running on/with	Platform Versions
Tp Link Tl Wr2041+	All versions

Related CWEs

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

https://github.com/GD008/vuln/blob/main/tplink_wr2041/tplink_WR2041pv1.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/GD008/vuln/blob/main/tplink_wr2041/tplink_WR2041pv1.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.