CVE-2025-14739

N/A Unknown
Published: December 18, 2025 Modified: December 19, 2025
View on NVD

Description

Access of Uninitialized Pointer vulnerability in TP-Link WR940N and WR941ND allows local unauthenticated attackers the ability to execute DoS attack and potentially arbitrary code execution under the context of the ‘root’ user.This issue affects WR940N and WR941ND: ≤ WR940N v5 3.20.1 Build 200316, ≤ WR941ND v6 3.16.9 Build 151203.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://blog.exodusintel.com/2022/06/23/tp-link-wr940n-wr941nd-uninitialized-pointer-vulnerability/
Source: f23511db-6c3e-4e32-a477-6aa17d310630
https://www.tp-link.com/us/support/download/tl-wr940n/v5/#Firmware
Source: f23511db-6c3e-4e32-a477-6aa17d310630
https://www.tp-link.com/us/support/download/tl-wr941nd/#Firmware
Source: f23511db-6c3e-4e32-a477-6aa17d310630
https://www.tp-link.com/us/support/faq/4848/
Source: f23511db-6c3e-4e32-a477-6aa17d310630

4 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.0%
4th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-824

Related CVEs

CVE-2025-52691 10.0
CVE-2025-15168 7.3
CVE-2025-15167 7.3
CVE-2025-15166 7.3
CVE-2025-15165 7.3