CVE-2023-50224β€”TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability

PUBLISHEDvulnerability record
2025-09-03 Β· last modified September 3, 2025

Metadata

CVE ID:
CVE-2023-50224
Project:
TP-Link
Product:
TL-WR841N
Date Added:
2025-09-03
Due Date:
2025-09-24
Last Updated:
September 3, 2025

Vulnerability Name

TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability

Description

TP-Link TL-WR841N contains an authentication bypass by spoofing vulnerability within the httpd service, which listens on TCP port 80 by default, leading to the disclose of stored credentials. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

Related News Articles

Related Weaknesses