Lucene search
K

13 matches found

Cvelist
Cvelist
added 2026/01/29 6:7 p.m.25 views

CVE-2025-15548 Missing Application-Layer Encryption in Web Interface Endpoints on TP-Link VX800v

Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality...

5.3CVSS0.00068EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/29 6:6 p.m.32 views

CVE-2025-15543 Read-Only Root Access via USB Storage Device in TP-Link VX800v

Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files...

5.1CVSS0.00188EPSS
Exploits0References2
CVE
CVE
added 2026/01/29 6:6 p.m.15 views

CVE-2025-15543

CVE-2025-15543 : In TP-Link VX800v v1.0, an improper link resolution in the USB HTTP access path can be triggered by a crafted USB device, exposing the root filesystem contents and allowing a physically present attacker to read system files (read‑only). Connected sources also indicate a recommend...

5.1CVSS5.9AI score0.00188EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/01/29 6:6 p.m.18 views

CVE-2025-15542

CVE-2025-15542 describes a DoS in VX800v v1.0’s SIP processing caused by improper handling of exceptional conditions. An attacker can flood the device with crafted INVITE messages, blocking all voice lines and disrupting incoming calls. The issue is documented across multiple sources (NVD/Red Hat...

6.3CVSS5.9AI score0.00252EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/29 6:6 p.m.5 views

CVE-2025-15542 Denial of Service (DoS) of VoIP Communication on TP-Link VX800v

Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with crafted INVITE messages, blocking all voice lines and causing a denial of service on incoming calls...

6.3CVSS5.9AI score0.00252EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/29 6:6 p.m.27 views

CVE-2025-15542 Denial of Service (DoS) of VoIP Communication on TP-Link VX800v

Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with crafted INVITE messages, blocking all voice lines and causing a denial of service on incoming calls...

6.3CVSS0.00252EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/29 6:5 p.m.4 views

CVE-2025-15541 Access to System Files via SFTP on TP-Link VX800v

Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk...

6.9CVSS5.9AI score0.00253EPSS
Exploits0References2
CVE
CVE
added 2026/01/29 6:5 p.m.10 views

CVE-2025-15541

The CVE-2025-15541 entry describes an improper link resolution in the VX800v v1.0 SFTP service on TP-Link devices. Authenticated adjacent attackers can abuse crafted symbolic links to access system files, exposing high confidentiality impact and low integrity risk. Affected component: VX800v v1.0...

6.9CVSS5.9AI score0.00253EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/01/29 6:5 p.m.33 views

CVE-2025-13399 Insecure Encryption in Communication with the Web Interface on TP-Link VX800v

A weakness in the web interface’s application layer encryption in VX800v v1.0 allows an adjacent attacker to brute force the weak AES key and decrypt intercepted traffic. Successful exploitation requires network proximity but no authentication, and may result in high impact to confidentiality,...

7.7CVSS0.00151EPSS
Exploits0References2
CVE
CVE
added 2026/01/29 6:5 p.m.12 views

CVE-2025-13399

The CVE-2025-13399 entry covers a weakness in the VX800v v1.0 web interface where the application-layer encryption uses a weak AES key. An adjacent attacker can brute-force this key to decrypt intercepted traffic without authentication. Impact is described as high for confidentiality, integrity, ...

8.8CVSS5.9AI score0.00151EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.5 views

TP-Link VX800v security vulnerability

The TP-Link VX800v is a VoIP gateway produced by the TP-Link company. The TP-Link VX800v 1.0 version has a security vulnerability. This vulnerability stems from weaknesses in the Web interface’s application layer encryption. It could allow adjacent attackers to brute-force the weak AES key and...

8.8CVSS5.8AI score0.00151EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.4 views

TP-Link VX800v security vulnerability

The TP-Link VX800v is a VoIP gateway produced by the TP-Link company. The TP-Link VX800v 1.0 version has a security vulnerability. This vulnerability stems from improper parsing of SFTP service links, which may allow authenticated neighboring attackers to access system files using specially craft...

6.9CVSS5.8AI score0.00253EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.5 views

TP-Link VX800v security vulnerability

The TP-Link VX800v is a VoIP gateway produced by the TP-Link company. The TP-Link VX800v 1.0 version has a security vulnerability. This vulnerability stems from improper parsing of USB HTTP access path links, which may allow custom USB devices to expose the contents of the root file system...

5.1CVSS5.8AI score0.00188EPSS
Exploits0References3
Rows per page
Query Builder