CVE-2026-11410
Received - Intake
Authenticated OS Command Injection in TP-Link TL-WR940N v6

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: TPLink

Description
An authenticated OS command injection vulnerability exists in the BigPond Cable (BPA) WAN configuration module in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges.
Meta Information
Published: 2026-06-17
Last Modified: 2026-06-17
Generated: 2026-06-17
AI Q&A: 2026-06-17
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: tp-link
Product: tl-wr940n
Version / Range: 6
CWE ID: CWE-78
Description: The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Executive Summary

This vulnerability is an authenticated OS command injection issue found in the BigPond Cable (BPA) WAN configuration module of the TP-Link TL-WR940N v6 router. It occurs because the device does not properly sanitize user input, allowing an attacker who already has administrative access to the device's web management interface to execute arbitrary system commands with elevated privileges.

Impact Analysis

Exploiting this vulnerability can allow an attacker with administrative access to execute arbitrary system commands on the device with elevated privileges. This can lead to a compromise of the device's confidentiality, integrity, and availability, potentially allowing the attacker to control the device, disrupt network services, or access sensitive information.

Mitigation Strategies

To mitigate this vulnerability, users should update the TP-Link TL-WR940N v6 device to the latest firmware version provided by TP-Link.

Additionally, administrative access to the device's web management interface should be restricted to trusted networks only.

If possible, upgrading to a supported model is recommended for ongoing protection, as the device has reached end-of-life.

Compliance Impact

The vulnerability allows attackers with administrative access to execute arbitrary system commands with elevated privileges, potentially compromising the confidentiality, integrity, and availability of the device.

Such compromises can lead to violations of common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.

Failure to mitigate this vulnerability by applying firmware updates or restricting administrative access may increase the risk of non-compliance with these regulations.
