CISA Identifies Critical Vulnerabilities in TP-Link Routers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified two security vulnerabilities in TP-Link wireless routers as actively exploited flaws. Despite these router models no longer being supported, TP-Link released software updates in November 2024 to address the issues due to ongoing exploitation by hackers. Users are advised to upgrade to newer hardware for enhanced security and performance. Although there are no public reports directly linking these flaws to hacker activity, TP-Link has indicated that the Quad7 botnet, operated by the Chinese hacking group Storm-0940, is exploiting these vulnerabilities for password attacks. Federal Civilian Executive Branch agencies are required to address these vulnerabilities by September 24, 2025, to safeguard their networks. This follows CISA's recent addition of another TP-Link product vulnerability to its list due to active exploitation.

Stay secure — stay Wavasec. 🔐