PromptRiskDBThreat intelligence atlas

CVE-2023-50224 - TP-Link TL-WR841N

AI Vulnerability Context

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from impro...

Overview

A source-backed snapshot of this vulnerability.

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. . Was ZDI-CAN-19899.

CISA KEVyesWhether CISA lists this as exploited.
Techniques0AI attack methods connected to this vulnerability.
Case studies0Examples where this vulnerability is mentioned.

Vulnerability status

How serious this vulnerability is and whether it is known to be exploited.

CISA KEVMEDIUM
CVE ID
CVE-2023-50224
Vendor/project
TP-Link
Product
TL-WR841N
Vulnerability name
TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability
Date added
2025-09-03
Due date
2025-09-24
Known ransomware campaign use
Unknown
CVSS v3
6.5
CWE-290

Exploit context

What the vulnerability is about.

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. . Was ZDI-CAN-19899.

Source evidence

Original public records and references for this page.

Original source

Original source links

Open the public records and source datasets used for this page.