TP-Link TL-WA855RE actively exploited missing authentication flaw (CVE-2020-24363)
Vulnerability
Summary
CISA added CVE-2020-24363 affecting TP-Link TL-WA855RE Wi-Fi Range Extender products to the KEV catalog after evidence of active exploitation. The flaw is a missing authentication issue that can let an attacker on the same network reset the device and take control. A fixed firmware build exists, but the product's end-of-life status limits the chance of future updates.
Related Happenings
Digiever DS-2105 Pro active exploitation wave (CVE-2023-52163)
Exploitation Wave
First: 25.12.2025 10:07
Last: 25.12.2025 10:07
Sources 1
About this happening:
**CVE-2023-52163** is being exploited at scale against **Digiever DS-2105 Pro NVRs**, with multiple reports linking abuse to **Mirai** and **ShadowV2** botnet delivery. The flaw i...
CISA KEV addition for Sierra Wireless ALEOS routers
Public Sector Action
First: 13.12.2025 14:33
Last: 13.12.2025 14:33
Sources 1
About this happening:
**CISA** added **CVE-2018-4063** to its **KEV catalog**, putting **Sierra Wireless AirLink ALEOS routers** under federal remediation pressure after reports of **active exploitatio...
D-Link DIR-878 end-of-life replacement advisory
Advisory/Mitigation
First: 20.11.2025 17:38
Last: 20.11.2025 17:38
Sources 1
About this happening:
**D-Link** told users of the **DIR-878 router** to move off the device because it reached **end-of-life in 2021** and will receive **no further security updates**. The mitigation...
CISA KEV catalog update for TP-Link router flaws
Public Sector Action
First: 04.09.2025 13:03
Last: 04.09.2025 13:03
Sources 1
About this happening:
CISA added **CVE-2023-50224** and **CVE-2025-9377** to the **KEV catalog**, forcing **FCEB agencies** to prioritize mitigation for **TP-Link wireless routers** by **September 24,...
CISA remediation directive for CVE-2020-24363
Advisory/Mitigation
First: 03.09.2025 21:56
Last: 03.09.2025 21:56
Sources 1
How related:
On Tuesday, CISA added CVE-2020-24363 to its Known Exploited Vulnerabilities (KEV) catalog along with the recently disclosed WhatsApp zero-day, urging federal agencies to address both by September 23.
About this happening:
**CISA** ordered **federal agencies** to address **CVE-2020-24363** by **September 23**, extending a remediation deadline for a **TP-Link TL-WA855RE** flaw that has been exploited...
Timeline
03.09.2025 08:09 · 2 articles
CISA adds TP-Link TL-WA855RE CVE-2020-24363 to KEV catalog
Industry Or Public Sector Update
CISA added CVE-2020-24363 affecting TP-Link TL-WA855RE Wi-Fi Range Extender devices to its Known Exploited Vulnerabilities catalog after evidence of active exploitation. The flaw is a missing authentication issue that can let an attacker on the same network submit a TDDP_RESET POST request, factory reset and reboot the device, and then set a new administrative password to gain elevated access. A fixed firmware build, TL-WA855RE(EU)_V5_200731, exists, but the product is end-of-life.
Sources:
- CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation — thehackernews.com — 03.09.2025 08:09
- US Cybersecurity Agency Flags Wi-Fi Range Extender Vulnerability Under Active Attack — www.securityweek.com — 03.09.2025 21:56