CVE-2025-15551 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

The response coming from TP-Link Archer MR200 v5.2, C20 v6, TL-WR850N v3, and TL-WR845N v4 for any request is getting executed by the JavaScript function like e…
Medium CVSS: 5.9

CVE-2025-15551

The response coming from TP-Link Archer MR200 v5.2, C20 v6, TL-WR850N v3, and TL-WR845N v4 for any request is getting executed by the JavaScript function like eval directly without any check. Attackers can exploit this vulnerability via a Man-in-the-Middle (MitM) attack to execute JavaScript code on the router's admin web portal without the user's permission or knowledge.
Vendor
Tp-link
Product
Archer Mr200 Firmware
CWE
CWE-95
Yayın Tarihi
2026-02-05 18:16:09
Güncelleme
2026-02-12 16:24:44
Source Identifier
f23511db-6c3e-4e32-a477-6aa17d310630
KEV Date Added
-

Kategoriler

CWE-95 Archer Mr200 Firmware MEDIUM Tp-link 2026

Referanslar

https://www.tp-link.com/en/support/download/archer-c20/v6/#Firmware https://www.tp-link.com/en/support/download/archer-mr200/v5.20/#Firmware https://www.tp-link.com/en/support/download/tl-wr845n/#Firmware https://www.tp-link.com/in/support/download/archer-c20/v6/#Firmware https://www.tp-link.com/in/support/download/archer-mr200/v5.20/#Firmware https://www.tp-link.com/in/support/download/tl-wr845n/#Firmware https://www.tp-link.com/in/support/download/tl-wr850n/#Firmware https://www.tp-link.com/us/support/faq/4948/