CVE•Published 2026-04-23•Modified 2026-05-05•1 article on news•6 live references•NVD data
CVE-2026-5039Tp-link · Tl-wr841n_firmware
Vulnerability data via NVD (ingested)
CVSS v3.1
8.8
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS percentile
3
Exploit Prediction Scoring System · top 97% of all CVEs
Weaknesses (CWE)
Description
TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.
Timeline
Published 2026-04-23
Modified 2026-05-05
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
Shodan · vuln tag0 hosts
vuln:CVE-2026-5039Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · OS
os:"Tl-wr841n Firmware"Hosts Shodan identified as running Tl-wr841n Firmware.
More intel sources (5)
Shodan report
vuln:CVE-2026-5039Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-5039Censys host search filtered to this CVE id.
grep.app
CVE-2026-5039Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-5039GitHub code search for direct mentions.
Google dork
"CVE-2026-5039" exploit -site:nvd.nist.govWrite-ups and news, NVD excluded.
Known PoCs on GitHub (7)
CVE-2026-50397 repos
hugefiver/mystarsunknown
COCOP1l0t/CodeAuditorPython
Automated Vulnerability Discovery Agent Pipeline
dick318/awesome-starsunknown
hrodrig/pgwdGo
Go CLI that checks PostgreSQL connection counts and notifies via Slack and/or Loki when configured thresholds are exceeded. It can also alert on stale connections.
oslook/n8n-workflowsunknown
4200 + Workflow Automation Templates are Grouped by Categories/Services for easy navigation
ARPSyndicate/euvd-scoresunknown
VEDAS Score Aggregator for EUVDs
YannKr/openrsvpGo