24h | 7d | 30d

CVE-2023-50224

Overview

  • TP-Link
  • TL-WR841N
03 May 2024
Published
21 Oct 2025
Updated
CVSS v3.0
MEDIUM (6.5)
EPSS
2.37%
KEV

Description

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. . Was ZDI-CAN-19899.

Statistics

  • 1 Post
Last activity: 7 hours ago

Bluesky

Profile picture
qian.cx @qiancx.bsky.social
CISA警示TP-Link路由器重大漏洞CVE-2023-50224和CVE-2025-9377 正在被积极利用 https://qian.cx/posts/59D54055-A8BC-49B9-AAAE-7721E0ABB744
  • 0
  • 0
  • 0
  • 7h ago

CVE-2025-66478

Overview

  • Pending
Pending
Published
03 Dec 2025
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This CVE is a duplicate of CVE-2025-55182.

Statistics

  • 1 Post
Last activity: 20 hours ago

Bluesky

Profile picture
BABA Toshiaki @netmarkjp.bsky.social
#ばばさん通信ダイジェスト 賛否関わらず話題になった/なりそうなものを共有しています。 Fastly’s Proactive Protection for React2Shell, Critical React RCE CVE-2025-55182 and CVE-2025-66478 https://www.fastly.com/blog/fastlys-proactive-protection-critical-react-rce-cve-2025-55182
  • 0
  • 0
  • 0
  • 20h ago

CVE-2025-43529

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
Last activity: 4 hours ago

Fediverse

Profile picture
lj·rk→⁽³⁹ᶜ³⁾ @ljrk

Huh, I somehow missed this CVE:
mastodon.social/@verbrecher/11
Thx to for the pointer @verbrecher

CVE-2025-14174 is related to this commit in the ANGLE repo:
github.com/google/angle/commit

For CVE-2025-43529 there's much less info.

  • 0
  • 0
  • 0
  • 4h ago

CVE-2025-9377

Overview

  • TP-Link Systems Inc.
  • Archer C7(EU) V2
29 Aug 2025
Published
21 Oct 2025
Updated
CVSS v4.0
HIGH (8.6)
EPSS
14.59%
KEV

Description

The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-life). It's recommending to purchase the new product to ensure better performance and security. If replacement is not an option in the short term, please use the second reference link to download and install the patch(es).

Statistics

  • 1 Post
Last activity: 7 hours ago

Bluesky

Profile picture
qian.cx @qiancx.bsky.social
CISA警示TP-Link路由器重大漏洞CVE-2023-50224和CVE-2025-9377 正在被积极利用 https://qian.cx/posts/59D54055-A8BC-49B9-AAAE-7721E0ABB744
  • 0
  • 0
  • 0
  • 7h ago
Showing 21 to 24 of 24 CVEs