CVE-2025-9961
CVE-2025-9961 involves a stack-based buffer overflow in TP-Link’s CWMP binary on AX10 and AX1500 routers, enabling authenticated RCE via a MITM-exploited SetParameterValues flow. Affected: AX10 (before 1.2.1) and AX1500 (before 1.3.11). Root cause: improper bounds checking in the cwmp service lea...