Which versions of TP-Link are affected by CVE-2025-0729?

Organizations using A vulnerability should be aware of notable risk from CVE-2025-0729 rated CVSS 6.9. Exploitation could compromise the security of affected deployments.

How to fix or mitigate CVE-2025-0729?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

TP-Link CVE-2025-0729

Q: What is the CVSS score of CVE-2025-0729?

CVE-2025-0729 has a CVSS 4.0 base score of 6.9 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.3%.

MEDIUM

User Interface (UI) Misrepresentation of Critical Information (CWE-451)

2025-01-27 cna@vuldb.com

Information Disclosure TP-Link

6.9

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:05 vuln.today

CVE Published

Jan 27, 2025 - 17:15 nvd

MEDIUM 6.9

DescriptionNVD

A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to clickjacking. The attack may be initiated remotely. Upgrading to version 1.0.0 Build 20250124 Rel. 54920(Beta) is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early. They reacted very professional and provided a pre-fix version for their customers.

AnalysisAI

A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-451. A vulnerability was found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. It has been rated as problematic. The manipulation leads to clickjacking. The attack may be initiated remotely. Upgrading to version 1.0.0 Build 20250124 Rel. 54920(Beta) is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early. They reacted very professional and provided a pre-fix version for their customers. Version information: version 1.0.0.

Affected ProductsAI

See vendor advisory for affected versions.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

More from same product – last 7 days

CVE-2026-3294 HIGH This Week

8.7 May 22

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjac

CVE-2026-34126 HIGH This Week

7.3 May 28

Cleartext Bluetooth transmission in TP-Link Tapo L535E, P300, and D100C devices allows adjacent attackers to intercept a

CVE-2025-0729 vulnerability details – vuln.today

Back

TP-Link CVE-2025-0729

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

More from same product – last 7 days

Share

TP-Link CVE-2025-0729

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code