HIGH🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2025-9377

CVSS 8.6v4.0pub. 2025-08-29upd. 2025-11-03

The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-life). It's recommending to purchase the new product to ensure better performance and security. If replacement is not an option in the short term, please use the second reference link to download and install the patch(es).

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Tp Link Archer C7

    HW
    Tp-Link
    2.0
  • Tp Link Archer C7 Firmware

    OS
    Tp-Link
    < 241108
  • Tp Link Tl Wr841n

    HW
    Tp-Link
    v9
  • Tp Link Tl Wr841nd

    HW
    Tp-Link
    9
  • Tp Link Tl Wr841nd Firmware

    OS
    Tp-Link
    < 241108
  • Tp Link Tl Wr841n Firmware

    OS
    Tp-Link
    < 241108

CISA KEV — detailsi

Vendori
TP-Link
Producti
Multiple Routers
Added to KEVi
September 3, 2025
Remediation deadline (US Federal)i
September 24, 2025(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 24 września 2025
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2022-25073CRITICAL9.8ten sam produkt

TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr...

CVE-2020-35575CRITICAL9.8ten sam produkt

A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get fu...

CVE-2018-12575CRITICAL9.8ten sam produkt

On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web i...

CVE-2018-11714CRITICAL9.8ten sam produkt

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR8...

CVE-2023-33538HIGH8.8⚠ KEVten sam produkt

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection v...