Security Advisory on LAN Code Execution on Archer MR200, Archer C20, TL-WR850N, and TL-WR845N (CVE-2025-15551)
Vulnerability Description:
The response coming from the router for any request is executed directly by a JavaScript function such as eval, without any check.
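The pattern described above, shown next to a hardened handler, as an added example that is not TP-Link's firmware code. The JSON response shape, the field names and the function names are assumptions made for illustration.

```javascript
// Added example: the JSON body and field names are assumptions, not TP-Link code.

// Unsafe pattern from the description: the response body is executed as code.
function handleResponseUnsafe(body) {
  return eval("(" + body + ")");
}

// Hardened pattern: parse the body as data only, then check its shape.
const ALLOWED_FIELDS = { status: "string", uptime: "number", ssid: "string" };

function handleResponseSafe(body) {
  let data;
  try {
    data = JSON.parse(body); // never evaluates expressions
  } catch (err) {
    return { ok: false, reason: "not valid JSON" };
  }
  if (data === null || typeof data !== "object" || Array.isArray(data)) {
    return { ok: false, reason: "unexpected top-level type" };
  }
  for (const [key, value] of Object.entries(data)) {
    const known = Object.prototype.hasOwnProperty.call(ALLOWED_FIELDS, key);
    if (!known || typeof value !== ALLOWED_FIELDS[key]) {
      return { ok: false, reason: "unexpected field: " + key };
    }
  }
  return { ok: true, data };
}

// Constructed sample bodies: one unmodified, one altered in transit so that
// it carries an expression (a harmless marker assignment) instead of a value.
const genuineBody = '{"status":"ok","uptime":1234,"ssid":"home"}';
const alteredBody = '{"status":"ok","uptime":(globalThis.markerRan = true, 1234)}';

function compareHandlers() {
  globalThis.markerRan = false;
  handleResponseUnsafe(alteredBody); // eval runs the embedded expression
  const ranUnderEval = globalThis.markerRan;

  globalThis.markerRan = false;
  const safeAltered = handleResponseSafe(alteredBody); // rejected, nothing runs
  const ranUnderParse = globalThis.markerRan;

  return { ranUnderEval, ranUnderParse, safeAltered,
           safeGenuine: handleResponseSafe(genuineBody) };
}

console.log(compareHandlers());
```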
Impact:
Attackers can exploit this vulnerability via a Man-in-the-Middle (MitM) attack to execute JavaScript code on the router's admin web portal without the user's permission or knowledge.
CVSS v4.0 Score: 5.9 / Medium
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N
Affected Products/Versions and Fixes:
| Affected Product Model | Affected Version | Fixed Version |
| --- | --- | --- |
| Archer MR200 v5.20 | <= 1.1.0 Build 240723 Rel. 52455n | 1.2.0 Build 250917 Rel.51746 |
| Archer C20 v6 | <= 0.9.1 4.19 v0001.0 Build 241231 Rel.53022n | 0.9.1 4.19 v0001.0 Build 250630 Rel.56583n |
| TL-WR850N v3 | <= 3.16.0 0.9.1 Build 230227 | 3.16.0 0.9.1 v6031.0 Build 251205 Rel.22089n |
| TL-WR845N v4 | <= 0.9.1 3.19 Build 250401 rel57442 | 0.9.1 3.19 Build 251031 rel33710 |
Recommendation(s):
We strongly recommend that users with the affected device(s) take the following action(s):
- Download and update to the latest firmware to fix the vulnerabilities.
- Change the password after the firmware upgrade to mitigate the potential risk of password leakage.
The latest firmware of related models and download links are below:
EN: Download for Archer MR200 | TP-Link
Download for Archer C20 | TP-Link
Download for TL-WR845N | TP-Link
IN: Download for Archer MR200 | TP-Link India
Download for Archer C20 | TP-Link India
Download for TL-WR845N | TP-Link India
Download for TL-WR850N | TP-Link India
These models are not sold in the US.
Disclaimer:
If you do not take the recommended action(s) stated above, this vulnerability concern will remain. TP-Link cannot bear any responsibility for the consequences that could have been avoided by following the recommended action(s) in this advisory.