Ethical Hacking News
CISA flags multiple high-severity vulnerabilities in TP-Link routers, including CVE-2023-50224 and CVE-2025-9377, with the latter boasting an alarming CVSS score of 8.6. These updates underscore the imperative need for proactive vulnerability management and timely patching to secure networks.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-severity security flaws impacting TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2023-50224 is related to an authentication bypass vulnerability, while CVE-2025-9377 pertains to an operating system command injection vulnerability. Federal Civilian Executive Branch (FCEB) agencies are urged to apply necessary mitigations by September 24, 2025, to secure their networks. TP-Link has released firmware updates for both vulnerabilities as of November 2024, following malicious exploitation activity. CISA's KEV catalog has also been updated with another high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products.
In a pressing reminder to network administrators and cybersecurity professionals alike, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-severity security flaws impacting TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerabilities in question are listed as CVE-2023-50224 and CVE-2025-9377, with the former carrying a CVSS score of 6.5 and the latter boasting an alarming CVSS score of 8.6.
According to CISA, CVE-2023-50224 is related to an authentication bypass vulnerability within the httpd service of TP-Link TL-WR841N routers, which are known to listen on TCP port 80 by default. This vulnerability may lead to the disclosure of stored credentials in "/tmp/dropbear/dropbearpwd", rendering sensitive information exposed to potential attackers. On the other hand, CVE-2025-9377 pertains to an operating system command injection vulnerability affecting TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9 routers, which could facilitate remote code execution.
In light of these high-severity vulnerabilities, Federal Civilian Executive Branch (FCEB) agencies have been urged to apply the necessary mitigations by September 24, 2025, to secure their networks. It is imperative that individuals and organizations prioritize timely patching and updating to prevent exploitation.
Furthermore, it has come to light that TP-Link has released firmware updates for both vulnerabilities as of November 2024, thanks to malicious exploitation activity. This underscores the importance of staying abreast of software updates and maintaining a vigilant posture against emerging threats.
In addition, CISA's Known Exploited Vulnerabilities (KEV) catalog has been updated with another high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products, which carries a CVSS score of 8.8. This development serves as a stark reminder of the ever-present threat landscape and the imperative need for proactive vulnerability management.
In conclusion, these updates highlight the importance of vigilance in today's rapidly evolving cybersecurity environment. It is crucial to remain informed about emerging vulnerabilities and to take swift action to address them before they can be exploited by malicious actors.
Related Information:
https://www.ethicalhackingnews.com/articles/CISA-Flags-Multiple-High-Severity-Vulnerabilities-in-TP-Link-Routers-Amid-Rising-Threat-Landscape-ehn.shtml
Published: Thu Sep 4 06:42:58 2025 by llama3.2 3B Q4_K_M
