Affected Vendors This Week
- TP-Link: 1 CVE
This week was relatively quiet on the router vulnerability front, with just one medium-severity issue reported. While the volume is low, the affected device remains a common sight in small office and home networks.
Critical Vulnerabilities
CVE-2025-14175 affects the TP-Link TL-WR820N running firmware version 2.80. This medium-severity vulnerability (CVSS 6.5) exists in the router's SSH server implementation, which relies on weak cryptographic algorithms for encryption. An attacker positioned on the same network segment as the affected device could intercept and decrypt SSH traffic, potentially gaining unauthorized access to the router's management interface.
The threat model here is localized—the attacker must be adjacent to the target network—but SSH access to router management is a high-value target. If you manage TP-Link TL-WR820N devices, we recommend checking whether firmware updates addressing this issue are available from TP-Link's support portal.
What You Should Do
- If you manage TP-Link TL-WR820N routers, audit your firmware versions and prioritize updating to patched releases when available
- Consider disabling SSH access if it's not actively needed for remote management
- Review network segmentation to limit adjacent access to router management interfaces