Ethical Hacking News
U.S. CISA addresses critical flaws in TP-Link routers, emphasizing the importance of prompt patching and upgrading to mitigate potential risks. The agency has added two flaws to its Known Exploited Vulnerabilities catalog, highlighting the need for organizations to review their infrastructure and take immediate action to address these vulnerabilities.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, CVE-2023-50224 and CVE-2025-9377. CVE-2023-50224 is a vulnerability in the TP-Link TL-WR841N router that allows network-adjacent attackers to disclose sensitive information. CVE-2025-9377 is an authenticated Remote Code Execution (RCE) flaw in the TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9 devices. Both devices are End of Life, and vendors strongly recommend upgrading or applying patches as soon as possible to mitigate potential risks. CISA orders federal agencies to address these vulnerabilities by September 24, 2025, emphasizing the importance of prompt action to protect their networks.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken significant steps to address critical vulnerabilities in certain TP-Link routers, ensuring the security of federal agencies and private organizations that use these devices. The agency has added two flaws, CVE-2023-50224 and CVE-2025-9377, to its Known Exploited Vulnerabilities (KEV) catalog, highlighting the importance of prompt patching and upgrading to mitigate potential risks.
CVE-2023-50224, a vulnerability in the TP-Link TL-WR841N router, was disclosed by researcher Aleksandar Djurdjevic 'revengsmK' through the Zero Day initiative. This flaw allows network-adjacent attackers to disclose sensitive information on affected installations of the router. The vulnerability resides in the httpd service (port 80), which enables unauthenticated, network-adjacent attackers to leak stored credentials.
The specific issue at hand is that authentication is not required to exploit this vulnerability, making it a significant security concern for organizations that rely on these routers for their internet connections. According to CISA, the flaw was discovered through an internal assessment of potential vulnerabilities in commonly used devices.
On the other hand, CVE-2025-9377 affects the TP-Link Archer C7(EU) V2 (pre-241108) and TL-WR841N/ND(MS) V9 (pre-241108). This authenticated Remote Code Execution (RCE) flaw was also discovered through internal assessments. The vulnerability has a CVSS score of 8.6, indicating a high level of risk.
Both devices are End of Life, and the vendor strongly recommends that customers upgrade or apply the patch as soon as possible to mitigate potential risks. CISA orders federal agencies to address these vulnerabilities by September 24, 2025, emphasizing the importance of prompt action to protect their networks against attacks exploiting the flaws in the catalog.
Experts emphasize the need for private organizations to review the Catalog and address the vulnerabilities in their infrastructure. This is especially important as many devices are connected to the internet, making them potential targets for malicious actors. The CISA's actions serve as a reminder of the ongoing importance of cybersecurity and the need for organizations to stay vigilant and proactive in addressing potential security threats.
In conclusion, the addition of CVE-2023-50224 and CVE-2025-9377 to the KEV catalog highlights the critical nature of these vulnerabilities. The U.S. Cybersecurity and Infrastructure Security Agency's efforts demonstrate its commitment to protecting federal agencies and private organizations from potential security risks. It is essential for organizations to take immediate action to address these vulnerabilities and ensure their devices and networks are secure.
Related Information:
https://www.ethicalhackingnews.com/articles/US-Cybersecurity-and-Infrastructure-Security-Agency-Addresses-Critical-Flaws-in-TP-Link-Routers-ehn.shtml
https://securityaffairs.com/181886/hacking/u-s-cisa-adds-tp-link-archer-c7eu-and-tl-wr841n-flaws-to-its-known-exploited-vulnerabilities-catalog.html
https://nvd.nist.gov/vuln/detail/CVE-2023-50224
https://www.cvedetails.com/cve/CVE-2023-50224/
https://nvd.nist.gov/vuln/detail/CVE-2025-9377
https://www.cvedetails.com/cve/CVE-2025-9377/
Published: Thu Sep 4 04:05:12 2025 by llama3.2 3B Q4_K_M
