Security Advisory on Multiple Vulnerabilities on TP-Link VX800v (CVE-2025-13399, CVE-2025-15541 to CVE-2025-15543, CVE-2025-15548)
Description of Vulnerabilities and Impacts:
The following vulnerabilities were identified on TP-Link VX800v v1.0:
CVE-2025-13399: Insecure Encryption in Communication with the Web Interface
A weakness in the web interface’s application layer encryption allows an adjacent attacker to brute force the weak AES key and decrypt intercepted traffic. Successful exploitation requires network proximity but no authentication, and may result in high impact to confidentiality, integrity, and availability of transmitted data.
CVSS v4.0 Score: 7.7 / High
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVE-2025-15541: Access to System Files via SFTP
Improper link resolution in the VX800v SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk.
CVSS v4.0 Score: 6.9 / Medium
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
CVE-2025-15542: Denial of Service (DoS) of VoIP Communication
Improper handling of exceptional conditions in SIP processing allows an attacker to flood the VX800v with crafted INVITE messages, blocking all voice lines and causing a denial of service on incoming calls.
CVSS v4.0 Score: 6.3 / Medium
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CVE-2025-15543: Read-Only Root Access via USB Storage Device
Improper link resolution in the USB HTTP access path allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read-only access to system files.
CVSS v4.0 Score: 5.1 / Medium
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CVE-2025-15548: Missing Application-Layer Encryption in Web Interface Endpoints
Some VX800v web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application-layer encryption, allowing a network-adjacent attacker to intercept this traffic and compromise its confidentiality.
CVSS v4.0 Score: 5.3 / Medium
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Affected Products/Versions and Fixes:
| Affected Product Model | CVE-IDs | Affected Version |
|---|---|---|
| VX800v v1.0 | CVE-2025-13399, CVE-2025-15541, CVE-2025-15543 | < 800.0.11 (0.11.0 3.0.0 v603c.0 Build 250702 |
| VX800v v1.0 | CVE-2017-8219 (known historical), CVE-2020-28926 (known historical), CVE-2025-15542 | < 800.0.12 (0.12.0 3.0.0 v603c.0 Build 250912 |
| VX800v v1.0 | CVE-2025-15548 | < 800.0.16 (0.16.0 3.0.0 v603c.0 Build 251212 |
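To check a device inventory against the table above, the following added example (not TP-Link code) maps a recorded firmware string to the CVEs that are still open for it. It assumes versions are recorded in the 800.x.y form the table uses; the device names and the sample inventory are constructed, and the function names are illustrative.

```python
import re

# Fixed-in firmware versions and CVE IDs, copied from the advisory's table.
FIXED_IN = [
    ((800, 0, 11), ["CVE-2025-13399", "CVE-2025-15541", "CVE-2025-15543"]),
    ((800, 0, 12), ["CVE-2017-8219", "CVE-2020-28926", "CVE-2025-15542"]),
    ((800, 0, 16), ["CVE-2025-15548"]),
]

# Exactly three dotted numbers at the start; a fourth component is rejected.
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)(?!\.?\d)")

def parse_version(text):
    """Return (800, minor, patch), or None if the string is not in 800.x.y form."""
    m = VERSION_RE.match(text or "")
    if not m:
        return None
    version = tuple(int(p) for p in m.groups())
    # Assumption: only the 800.x.y scheme used in the table is comparable.
    return version if version[0] == 800 else None

def unpatched_cves(text):
    """List CVEs still open for a firmware string; None means 'cannot tell'."""
    version = parse_version(text)
    if version is None:
        return None
    open_cves = []
    for fixed, cves in FIXED_IN:
        if version < fixed:  # tuple comparison is numeric: 800.0.9 < 800.0.11
            open_cves.extend(cves)
    return sorted(open_cves)

def triage(inventory):
    """Map device name -> 'patched', 'unknown', or the list of open CVEs."""
    result = {}
    for name, fw in inventory.items():
        cves = unpatched_cves(fw)
        result[name] = "unknown" if cves is None else (cves or "patched")
    return result

# Constructed inventory (device names are made up).
SAMPLE = {
    "office-1": "800.0.9",
    "office-2": "800.0.11 (0.11.0 3.0.0 v603c.0 Build 250702",
    "branch-1": "800.0.16",
    "branch-2": "0.11.0 3.0.0 v603c.0 Build 250702",
}

if __name__ == "__main__":
    for device, status in triage(SAMPLE).items():
        print(device, status)
```

A firmware string that cannot be parsed is reported as `unknown` instead of being treated as patched, so it is flagged for a manual check.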
Recommendations:
We strongly recommend that users with affected devices take the following actions:
- Download and update to the latest firmware version to fix the vulnerabilities.
DE: Download for VX800v | TP-Link Deutschland
This product is not sold in the US.
Disclaimer:
If you do not take all recommended actions, these vulnerabilities will remain. TP-Link cannot bear any responsibility for consequences that could have been avoided by following this advisory.