CVE-2025-14175
Unknown Unknown - Not Provided

Weak Cryptographic Algorithm in TP-Link TL-WR820N SSH Enables Traffic Decryption

Vulnerability report for CVE-2025-14175, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-29

Last updated on: 2026-03-08

Assigner: TPLink

Description

A vulnerability in the SSH server of TP-Link TL-WR820N v2.80 allows the use of a weak cryptographic algorithm, enabling an adjacent attacker to intercept and decrypt SSH traffic. Exploitation may expose sensitive information and compromise confidentiality.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-29
Last Modified
2026-03-08
Generated
2026-07-06
AI Q&A
2025-12-29
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
tp-link tl-wr820n_firmware to 1.15.0 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the SSH server of the TP-Link TL-WR820N v2.80 device. It allows the use of a weak cryptographic algorithm, which enables an adjacent attacker to intercept and decrypt SSH traffic. This means that the attacker can potentially access sensitive information transmitted over the SSH connection.

Impact Analysis

The vulnerability can impact you by exposing sensitive information transmitted via SSH to an adjacent attacker. This compromises the confidentiality of your data and could lead to unauthorized access or data breaches.

Compliance Impact

The vulnerability allows an adjacent attacker to intercept and decrypt SSH traffic, potentially exposing sensitive information and compromising confidentiality. This exposure of sensitive data could negatively impact compliance with standards and regulations such as GDPR and HIPAA, which require protection of sensitive information and confidentiality. However, no explicit details on compliance impact are provided in the resources. [2]

Mitigation Strategies

To mitigate the CVE-2025-14175 vulnerability on the TP-Link TL-WR820N router, you should update the device firmware to the latest version, specifically to version 1.15.0 Build 250813 or later. This update addresses the weak cryptographic algorithm issue in the SSH server. It is recommended to perform the firmware upgrade via a wired connection to avoid disconnection during the process and to avoid turning off the power during the upgrade to prevent device damage. [2, 3]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14175. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart