CVE-2025-29089
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-09

Last updated on: 2025-09-11

Assigner: MITRE

Description
An issue in TP-Link AX10 Ax1500 v.1.3.10 Build (20230130) allows a remote attacker to obtain sensitive information
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-09
Last Modified
2025-09-11
Generated
2026-06-16
AI Q&A
2025-09-09
EPSS Evaluated
2026-06-15
NVD
CVE-2025-29089
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tp-link archer_ax10 1.3.10
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability in TP-Link AX10 Ax1500 v.1.3.10 Build (20230130) involves insecure HTTP Basic Authentication where Base64-encoded credentials are transmitted over unencrypted HTTP. This allows a remote attacker to perform a Man-in-the-Middle (MITM) attack using ARP poisoning to intercept sensitive information by redirecting network traffic through their machine. The router communicates with external services without encryption, exposing credentials in cleartext. [1]

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive information such as authentication credentials. An attacker exploiting this can intercept and capture login details, potentially gaining unauthorized access to the router or network, which could lead to further compromise of network security and privacy. [1]

Compliance Impact

This vulnerability involves the cleartext transmission of sensitive information, which violates best practices for protecting personal and sensitive data. Such exposure can lead to non-compliance with standards and regulations like GDPR and HIPAA that require secure handling and transmission of sensitive information to protect user privacy and data security. [1]

Detection Guidance

This vulnerability can be detected by monitoring network traffic for unencrypted HTTP Basic Authentication credentials being transmitted in Base64 encoding. One method is to perform ARP poisoning to intercept traffic between the router and other devices. Tools such as Bettercap can be used to perform ARP spoofing and enable IP forwarding on a Linux machine. Wireshark can then be used to capture and analyze packets for HTTP requests containing Base64-encoded credentials sent over unencrypted HTTP. For example, commands include enabling IP forwarding (e.g., 'echo 1 > /proc/sys/net/ipv4/ip_forward'), running Bettercap with ARP spoofing modules targeting the router IP, and capturing traffic with Wireshark to inspect HTTP headers for Basic Authentication. [1]

Mitigation Strategies

Immediate mitigation steps include disabling HTTP Basic Authentication on the TP-Link AX10 router if possible, or ensuring that all management interfaces use HTTPS instead of HTTP to encrypt credentials in transit. Additionally, implementing network security measures such as enabling DHCP snooping, dynamic ARP inspection, and port security can help prevent ARP poisoning attacks. Using modern authentication methods and adopting Zero Trust security architectures are recommended to prevent exploitation of this vulnerability. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-29089. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart