CVE-2026-11410 TP-Link Systems Inc. CVE debrief

Who should care

Administrators and users of TL-WR940N v6 devices, especially those with administrative access, should be aware of this vulnerability and take necessary precautions to prevent exploitation.

Technical summary

The vulnerability exists in the BigPond Cable (BPA) WAN configuration module of TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access can exploit this issue to execute arbitrary system commands with elevated privileges. The CVSS vector for this vulnerability is CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X.

Defensive priority

High

Recommended defensive actions

• Update to the latest firmware version as soon as available
• Restrict administrative access to the device
• Implement proper input validation and sanitization for user input
• Monitor device logs for suspicious activity
• Consider replacing the device if it is no longer supported by the vendor
• Limit exposure of the device to the internet

Evidence notes

The information provided is based on data from the National Vulnerability Database (NVD) and the CVE.org website. The vendor of the affected product is likely TP-Link, based on the provided references.

Official resources