CVE-2026-11409

Description

An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges.

CVSS breakdown

CVSS 4.0

Attack Vector

Adjacent

Attack Complexity

Low

Attack Requirements

None

Privileges Required

High

User Interaction

None

Confidentiality (Vulnerable System)

High

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

TP-Link Systems Inc. / TL-WR940N v60 – V6_260528

References

MISChttps://www.tp-link.com/en/support/download/tl-wr940n/v6/#Firmware
MISChttps://www.tp-link.com/us/support/download/tl-wr940n/v6/#Firmware
MISChttps://www.tp-link.com/us/support/faq/5131/