QwikSec

Security Database

CVE

CWE

Training

CVE-2025-9014

Published: Jan 15, 2026

Modified: Jan 15, 2026

PUBLISHED

Description

A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP-Link TL-WR841N v14, caused by improper input validation. A remote, unauthenticated attacker can exploit this flaw and cause Denial of Service on the web portal service.This issue affects TL-WR841N v14: before 250908.

Vendor	Product	Versions
TP-Link Systems Inc.	TL-WR841N v14	affected `0 - < 250908`

Weaknesses (CWE)

References

https://www.tp-link.com/us/support/faq/4894/

vendor-advisory

https://www.tp-link.com/jp/support/download/tl-wr841n/#Firmware

patch

https://www.tp-link.com/en/support/download/tl-wr841n/#Firmware

patch

https://www.tp-link.com/us/support/download/tl-wr841n/#Firmware

patch

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.