CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added two security flaws impacting TP-Link wireless routers to its Known Exploited Vulnerabilities KEV catalog, noting that there is evidence of them being exploited in the wild. The vulnerabilities in question are listed...

CVE-2022-42433

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N TL-WR841NUSV14220121 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...