CVE-2014-9510

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR840N version prior to 3.13.27 build 141120

Description A cross-site request forgery issue exists in the administration console, allowing remote attackers to hijack administrator authentication for requests that change router settings via a configuration file import.

Recommendations For versions prior to 3.13.27 build 141120, update the firmware to version 3.13.27 build 141120 or later to resolve the issue. As a temporary workaround, consider restricting access to the administration console and avoiding the use of configuration file imports until the update is applied.