CVE-2025-6151

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR940N version V4

Description A critical issue has been found in the TP-Link TL-WR940N V4, affecting some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm. The manipulation of the dnsserver1 argument leads to a buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations As a temporary workaround, consider restricting access to the /userRpm/WanSlaacCfgRpm.htm file until a patch is available. Avoid using the dnsserver1 argument in the affected functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.