Critical Alert: TP-Link Router Flaw Puts Your Entire Network at Risk
A Threat Analysis Report — By CyberDudeBivash

Executive Summary

Multiple critical vulnerabilities in TP-Link routers (both discontinued and still-in-market models) are now actively exploited. Attackers are chaining authentication bypasses and remote command injection flaws to gain full control of routers, hijack network traffic, build botnets, and escalate to attacks on connected devices and cloud accounts (e.g., Microsoft 365). If your network has one of the affected routers, it’s at very high risk. (Sources: TechRadar, The Hacker News)

Key Vulnerabilities & Models Affected

CVE / Flaw: CVE-2023-33538
Router Models / Types Affected: TP-Link TL-WR940N V2/V4; TL-WR841N V8/V10; TL-WR740N V1/V2 (discontinued models)
Nature of Flaw: Command injection via the ssid1 parameter in an HTTP GET to /userRpm/WlanNetworkRpm. No authentication required.
Severity / Exploitation Status: CVSS ~8.8. Added to CISA’s Known Exploited Vulnerabilities catalog. Active exploitation reported. (Source: The Hacker News)

CVE / Flaw: CVE-2025-9377 & CVE-2025-50224
Router Models / Types Affected: TP-Link Ar...
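
For defenders who log HTTP requests to the router's management interface, the CVE-2023-33538 entry above translates into a simple hunt: GET requests to /userRpm/WlanNetworkRpm whose ssid1 value contains shell metacharacters. The sketch below is an added example, not code from the report; the combined-log line format, the prefix match on the path, the function name and the sample lines are all assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Path and parameter named in the report for CVE-2023-33538.
TARGET_PATH = "/userRpm/WlanNetworkRpm"
TARGET_PARAM = "ssid1"
# Characters a shell treats specially; none is expected in an ordinary SSID.
SHELL_META = re.compile(r"[;&|`$<>\n\r]")
# Assumed log format: source address first, request line in double quotes.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+"')

def suspicious_requests(lines):
    """Return (source, decoded ssid1) for each request matching the reported pattern."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m or m.group("method") != "GET":
            continue
        parts = urlsplit(m.group("uri"))
        # Prefix match so a page suffix on the path does not hide the request (assumption).
        if not parts.path.startswith(TARGET_PATH):
            continue
        # parse_qs percent-decodes values, so %3B is inspected as ';'.
        for value in parse_qs(parts.query, keep_blank_values=True).get(TARGET_PARAM, []):
            if SHELL_META.search(value):
                hits.append((m.group("src"), value))
    return hits

# Constructed sample log lines (not taken from the report or from real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2025:10:00:00 +0000] "GET /userRpm/WlanNetworkRpm.htm?ssid1=HomeNet HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2025:10:00:05 +0000] "GET /userRpm/WlanNetworkRpm.htm?ssid1=Guest%3BPLACEHOLDER HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2025:10:00:09 +0000] "GET /userRpm/StatusRpm.htm HTTP/1.1" 200 2048',
    '203.0.113.4 - - [01/Jan/2025:10:01:00 +0000] "GET /userRpm/WlanNetworkRpm.htm?ssid1=Cafe%20WiFi HTTP/1.1" 401 0',
]

if __name__ == "__main__":
    for src, value in suspicious_requests(SAMPLE_LOG):
        print(f"ALERT {src} sent ssid1={value!r} to {TARGET_PATH}")
```

A hit from an address outside the management network is the case to triage first, since these models are discontinued and the report states exploitation is active.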