CVE-2025-6983
BaseFortify
Publication date: 2025-07-16
Last updated on: 2025-07-17
Assigner: TPLink
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tp-link | archer_c1200 | 1.1.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1021 | The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Clickjacking issue in the TP-Link Archer C1200 web management page. It allows an attacker to trick users into performing unintended actions by overlaying or framing the web interface in a way that deceives the user into interacting with hidden or disguised UI elements. This affects Archer C1200 devices running firmware version 1.1.5 or earlier.
How can this vulnerability impact me? :
The vulnerability can lead to users unknowingly executing actions on their TP-Link Archer C1200 router's web management interface, potentially changing settings or configurations without their consent. This could compromise network security or functionality depending on the actions performed by the attacker through the clickjacking technique.