Published: 26/02/2025 Updated: 07/04/2025

Hardcoded Root Password Vulnerability in TP-Link TL-WR845N Router Firmware

A hardcoded root account password vulnerability exists in TP-Link TL-WR845N(UN) version 4 firmware releases from September 2009 and February 2019. An attacker can obtain the hardcoded password by performing a brute force attack, potentially gaining unauthorized root-level access to the device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tp-link tl-wr845n firmware 190219
tp-link tl-wr845n firmware 200909
tp-link tl-wr845n firmware 201214

CVE-2024-57040 is a security vulnerability found in certain TP-Link TL-WR845N router models. Specifically, it involves a "hardcoded" password for the router's root account. This means a default, unchanging password is built into the router's software.

Poc-CVE-2024-57040 CVE-2024-57040 is a security vulnerability found in certain TP-Link TL-WR845N router models Specifically, it involves a "hardcoded" password for the router's root account This means a default, unchanging password is built into the router's software Affected Devices: The vulnerability affects these firmware versions: TL-WR845N(UN)_V4_19

CWE-798 https://nvd.nist.gov https://github.com/absholi7ly/Poc-CVE-2024-57040 https://www.first.org/epss https://security.iiita.ac.in/iot/hashed_password.pdf

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-57040

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect