CVE-2026-5039: Predictable Default Cryptographic Key Used for DES Encryption in TP-Link TL-WL841N

Q: What is the severity of CVE-2026-5039?

CVE-2026-5039 is considered a high severity vulnerability due to its potential to expose sensitive data through predictable encryption keys.

Q: How do I fix CVE-2026-5039?

To fix CVE-2026-5039, change the default web management credentials and ensure that the device is configured with a strong, non-default password.

Q: What devices are affected by CVE-2026-5039?

CVE-2026-5039 affects the TP-Link TL-WR841N version 13 and potentially other models using the same vulnerability.

Q: What type of encryption is exploited in CVE-2026-5039?

CVE-2026-5039 exploits DES-CBC encryption in the TDDPv2 debug protocol, which utilizes a predictable default cryptographic key.

Q: What happens if CVE-2026-5039 is not addressed?

If CVE-2026-5039 is not addressed, attackers could gain unauthorized access to encrypted data by exploiting the predictable cryptographic key.

Published Apr 23, 2026

Updated

TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.

Affected Software

3 affected components

TP-Link TL-WR841N=v13

All of the following

TP-Link TL-WR841N firmware<231120

TP-Link TL-WR841N=13.0

Event History

Apr 23, 2026

CVE Published

via MITRE·04:10 PM

Data Sourced

via MITRE·04:10 PM

DescriptionWeakness

Data Sourced

via NVD·06:16 PM

DescriptionSeverityWeaknessAffected Software

Frequently Asked Questions

What is the severity of CVE-2026-5039?

CVE-2026-5039 is considered a high severity vulnerability due to its potential to expose sensitive data through predictable encryption keys.

How do I fix CVE-2026-5039?

To fix CVE-2026-5039, change the default web management credentials and ensure that the device is configured with a strong, non-default password.

What devices are affected by CVE-2026-5039?

CVE-2026-5039 affects the TP-Link TL-WR841N version 13 and potentially other models using the same vulnerability.

What type of encryption is exploited in CVE-2026-5039?

CVE-2026-5039 exploits DES-CBC encryption in the TDDPv2 debug protocol, which utilizes a predictable default cryptographic key.

What happens if CVE-2026-5039 is not addressed?

If CVE-2026-5039 is not addressed, attackers could gain unauthorized access to encrypted data by exploiting the predictable cryptographic key.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.