Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA KEV catalog update for TP-Link router flaws

Public Sector Action
First reported
Last updated
Happening score
H score 50
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2023-50224 and CVE-2025-9377 to the KEV catalog, forcing FCEB agencies to prioritize mitigation for TP-Link wireless routers by September 24, 2025. The two flaws include an authentication bypass in TL-WR841N and a command injection bug that can lead to remote code execution. CISA said there is evidence of in-the-wild exploitation, increasing the urgency for federal network defenders.

Related Happenings

CISA KEV directive for CVE-2026-20133

Public Sector Action
First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...

Open Happening

Cisco Catalyst SD-WAN Manager information disclosure vulnerability (CVE-2026-20133)

Vulnerability
First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: CISA moved **CVE-2026-20133** in **Cisco Catalyst SD-WAN Manager** into its **KEV Catalog**, signaling **active exploitation** against **unpatched devices** and forcing **FCEB age...

Open Happening

TP-Link router authenticated command injection (CVE-2023-33538)

Vulnerability
First: 20.04.2026 10:50 Last: 20.04.2026 10:50 Sources 1

About this happening: **CVE-2023-33538** in **discontinued TP-Link routers** is still being probed, leaving exposed devices at risk of **arbitrary command execution** and **denial of service** if attac...

Open Happening

TP-Link security patch release for CVE-2025-15517

Security Patch Release
First: 25.03.2026 13:11 Last: 25.03.2026 13:11 Sources 1

About this happening: **TP-Link** released **security updates** for its **Archer NX** router series to close a critical authentication-bypass flaw that could let attackers upload firmware without loggi...

Open Happening

FCC bans new foreign-made consumer routers

Public Sector Action
First: 25.03.2026 09:11 Last: 25.03.2026 09:11 Sources 1

About this happening: The U.S. Federal Communications Commission banned the import of new foreign-made consumer routers after concluding they pose unacceptable cyber and national security risks to U.S....

Latest development: 26.03.2026 21:48

The FCC's March 23 ban on new foreign-made consumer-grade routers may leave U.S. consumers and small businesses using older devices longer, while businesses replacing network gear could face a more constrained and potentially more expensive market with fewer approved options and longer procurement cycles.

Open Happening

Timeline

  1. 04.09.2025 13:03 2 articles · 8mo ago

    CISA adds TP-Link router flaws CVE-2023-50224 and CVE-2025-9377 to KEV catalog

    Initial Disclosure

    CISA added CVE-2023-50224 and CVE-2025-9377 to its Known Exploited Vulnerabilities (KEV) catalog for TP-Link wireless routers, citing evidence of in-the-wild exploitation. The flaws affect TL-WR841N and Archer C7 models and include an authentication bypass that can expose stored credentials and a command injection issue that could lead to remote code execution. Federal Civilian Executive Branch agencies were urged to apply mitigations by September 24, 2025.

    Show sources
    Open in new tab