CVE-2026-11409
OS Command Injection in IPv6 PPPoE Configuration in TP-Link TL-WR940N
In short
A flaw in the TP-Link TL-WR940N router allows an administrator to inject malicious system commands through the IPv6 PPPoE settings due to poor input validation. An attacker with admin access could run any command on the device with full control.
Technical detail
An OS command injection vulnerability exists in the IPv6 PPPoE configuration handler of TP-Link TL-WR940N v6, stemming from insufficient input sanitization. An authenticated attacker can craft malicious input to execute arbitrary system commands with elevated privileges; exploitation requires administrative credentials and affects the integrity and confidentiality of the device and network.
Summary generated and translated by AI from the official description.
An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges.
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
TP-Link Systems Inc. · TL-WR940N v6