Vulnerability Description
Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack and potentially arbitrary code execution under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316, ≤ WR941ND v6 3.16.9 Build 151203.
Related Weaknesses (CWE)
References
- https://blog.exodusintel.com/2022/06/23/tp-link-wr940n-wr941nd-uninitialized-poi
- https://www.tp-link.com/us/support/download/tl-wr940n/v5/#Firmware
- https://www.tp-link.com/us/support/download/tl-wr941nd/#Firmware
- https://www.tp-link.com/us/support/faq/4848/
FAQ
What is CVE-2025-14739?
CVE-2025-14739 is a documented vulnerability. Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack and potentially arbitrary code execution under t...
How severe is CVE-2025-14739?
CVSS scoring is not yet available for CVE-2025-14739. Check NVD for updates.
Is there a patch for CVE-2025-14739?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.