CVE-2025-9377
HIGH
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
An authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2 before 241108 and TL-WR841N/ND(MS) V9 before 241108. Both products have reached the status of EOL (end-of-life). It is recommended to purchase a new product to ensure better performance and security. If replacement is not an option in the short term, please use the second reference link to download and install the patch(es).
Analysis
TP-Link Archer C7 and TL-WR841N routers contain an authenticated remote command execution vulnerability in the Parental Control page, affecting end-of-life devices with no patch available.
Technical Context
The CWE-78 OS command injection in the Parental Control page allows an authenticated administrator to inject arbitrary commands through parameter values that are passed unsanitized to shell execution.
Affected Products
TP-Link Archer C7(EU) V2 before 241108
TP-Link TL-WR841N/ND(MS) V9 before 241108
Remediation
Replace these end-of-life devices with currently supported router models. If replacement is impossible, change default credentials and restrict admin interface access to local wired connections only.
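To find the devices this applies to, the following added example (not from the advisory or from TP-Link) triages a device inventory against the affected builds listed under Affected Products. It assumes the hardware string looks like `Archer C7 v2 ...` and the firmware string contains `Build YYMMDD`; the inventory is constructed, and the regional variants (EU, MS) are not distinguished, so a match means the model and hardware version are listed and the build predates 241108.

```python
import re
from datetime import datetime

# Per the advisory: builds before 241108 (YYMMDD) are affected.
FIXED_BUILD = datetime.strptime("241108", "%y%m%d").date()
# (model, hardware version) pairs named in the advisory; "TL-" prefix stripped.
AFFECTED = {("ARCHER C7", 2), ("WR841N", 9), ("WR841ND", 9)}

# Both layouts below are assumptions about how the device reports itself.
HW_RE = re.compile(r"^(?:TP-Link\s+)?(?:TL-)?(.+?)\s+v(\d+)\b", re.I)
BUILD_RE = re.compile(r"Build\s+(\d{6})\b")


def triage(hardware: str, firmware: str) -> str:
    """Classify one device as 'affected', 'fixed', 'not-listed' or 'unknown'."""
    hw = HW_RE.match(hardware.strip())
    if not hw:
        return "unknown"
    if (hw.group(1).upper(), int(hw.group(2))) not in AFFECTED:
        return "not-listed"
    build = BUILD_RE.search(firmware)
    if not build:
        return "unknown"  # cannot show the fix is installed: review by hand
    try:
        built = datetime.strptime(build.group(1), "%y%m%d").date()
    except ValueError:
        return "unknown"  # six digits that are not a calendar date
    return "affected" if built < FIXED_BUILD else "fixed"


def report(inventory):
    """Map each host name to its triage result."""
    return {host: triage(hw, fw) for host, hw, fw in inventory}


# Constructed inventory: host names and version strings are illustrative only.
INVENTORY = [
    ("branch-gw-1", "Archer C7 v2 00000000", "0.0.0 Build 180114 Rel.00000n"),
    ("branch-gw-2", "TL-WR841N v9 00000000", "0.0.0 Build 241108 Rel.00000n"),
    ("branch-gw-3", "Archer C7 v5 00000000", "0.0.0 Build 180114 Rel.00000n"),
    ("branch-gw-4", "TL-WR841ND v9 00000000", "unrecognised firmware string"),
]

if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as `unknown` should be treated as unpatched until the firmware build is confirmed by hand.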