https://i0.wp.com/www.beaude.net/no-flux/wp-content/uploads/2021/12/TlWr840NEuV5Datasheet.690516743-User-Guide-Page-1.png?resize=676%2C410&ssl=1

“The botnet known as Dark Mirai (aka MANGA) has been observed exploiting a new vulnerability on the TP-Link TL-WR840N EU V5, a popular inexpensive home router released in 2017. The flaw is tracked as CVE-2021-41653 and is caused by a vulnerable ‘host’ variable that an authenticated user can abuse to execute commands on the device. TP-Link fixed the flaw by releasing a firmware update (TL-WR840N(EU)_V5_211109) on November 12, 2021. However, many users have not applied the security update yet.”

Source : Dark Mirai botnet targeting RCE on popular TP-Link router