CVE-2025-25427: XSS in TP-Link TL-WR841N UPnP page

8.6 CVSS

Description

A stored cross-site scripting (XSS) vulnerability in the UPnP page of the web interface in TP-Link WR841N <=4.19 allows remote attackers to inject arbitrary JavaScript code via the port mapping description. The JavaScript payload is executed when the UPnP page is loaded.

Classification

CVE ID: CVE-2025-25427

CVSS Base Severity: HIGH

CVSS Base Score: 8.6

CVSS Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:L/SI:N/SA:L

Problem Types

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Affected Products

Vendor: TP-Link

Product: TL-WR841N

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.1% (probability of being exploited)

EPSS Percentile: 29.31% (share of scored vulnerabilities with a score less than or equal to this one)

EPSS Date: 2025-04-18 (when this score was calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: poc

SSVC Technical Impact: total

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2025-25427
https://github.com/slin99/2025-25427

Timeline