CVE-2026-3841

Name of the Vulnerable Software and Affected Versions TP-Link TL-MR6400 version 5.3

Description A command injection issue exists in the Telnet command-line interface (CLI) of the device. This is due to inadequate data sanitization during certain CLI operations. An authenticated attacker with elevated privileges could potentially execute arbitrary system commands. Successful exploitation could result in complete device compromise, potentially leading to loss of confidentiality, integrity, and availability. The vulnerability affects the processing of data within the CLI.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the Telnet CLI to minimize the risk of exploitation.