CVE-2014-4727

Name of the Vulnerable Software and Affected Versions TP-LINK N750 Wireless Dual Band Gigabit Router (TL-WDR4300) versions prior to firmware 140916

Description The issue is related to a cross-site scripting (XSS) vulnerability in the DHCP clients page. This allows remote attackers to inject arbitrary web script or HTML via the hostname in a DHCP request.

Recommendations For versions prior to firmware 140916, update the firmware to version 140916 or later to resolve the issue. As a temporary workaround, consider restricting access to the DHCP clients page until the update is applied.