Unrated severityNVD Advisory· Published Jan 15, 2026· Updated Jan 15, 2026

Null Pointer Dereference Vulnerability on TL-WR841N

CVE-2025-9014

Description

A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP-Link TL-WR841N v14, caused by improper input validation. A remote, unauthenticated attacker can exploit this flaw and cause Denial of Service on the web portal service.This issue affects TL-WR841N v14: before 250908.

Affected products

TP-Link/Tl Wr841nllm-fuzzy
Range: <250908
TP-Link Systems Inc./TL-WR841N v14v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.tp-link.com/en/support/download/tl-wr841n/mitrepatch
www.tp-link.com/jp/support/download/tl-wr841n/mitrepatch
www.tp-link.com/us/support/download/tl-wr841n/mitrepatch
www.tp-link.com/us/support/faq/4894/mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000