The Broadband Guide
search advanced

CISA warns TP-Link vulnerabilities exploited in active cyberattacks

2025-09-08 14:54 by
Tags: ,

 

The US Cybersecurity and Infrastructure Security Agency (CISA) has said two flaws in routers made by Chinese networking biz TP-Link are under active attack and need to be fixed – but there's another flaw being exploited as well.

CISA warned that two flaws, CVE-2023-50224 and CVE-2025-9377, have been exploited in the wild by persons unknown. The first issue allows an attacker without authentication to find authentication credentials by subverting httpd, while the second exposes the Archer C7(EU) V2 and TL-WR841N/ND(MS) V9 routers to remote code execution.

"CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice," the agency warned.

Security officials had already warned about the growing influence of TP-Link in the American hardware market, with Rob Joyce, former head of the NSA's hacking team, noting that the Chinese manufacturer had grown its market share in the US from 10 percent in 2019 to nearly 60 percent by selling its kit at a loss. He suspects that its market share and links to the Chinese government puts American users at risk.

Another TP-Link flaw was also disclosed this week. A bug in the Customer Premises Equipment WAN Management Protocol (CWMP) leaves routers prone to crashing, according to security researcher Mehrun.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About