CVE-2025-14738
Unknown Unknown - Not Provided
Improper Authentication in TP-Link WA850RE Allows Config Download

Publication date: 2025-12-18

Last updated on: 2025-12-18

Assigner: TPLink

Description
Improper authentication vulnerability in TP-Link WA850RE (httpd modules) allows unauthenticated attackers to download the configuration file.This issue affects: ≀ WA850RE V2_160527, ≀ WA850RE V3_160922.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-18
Last Modified
2025-12-18
Generated
2026-06-16
AI Q&A
2025-12-18
EPSS Evaluated
2026-06-15
NVD
CVE-2025-14738
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tp-link wa850re v2
tp-link wa850re v3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an improper authentication flaw in the TP-Link WA850RE Wi-Fi Range Extender's httpd server module. It allows unauthenticated remote attackers to download the device's configuration file without needing to log in. Accessing this file can expose sensitive information such as administrator credentials. [1]

Impact Analysis

If exploited, this vulnerability can allow attackers to obtain the device's configuration file, which may contain sensitive information including administrator credentials. This can lead to unauthorized access to the device, potential network compromise, and further exploitation of connected systems. [1]

Detection Guidance

This vulnerability can be detected by attempting to access the configuration file of the TP-Link WA850RE device without authentication. A common method is to send an HTTP request to the device's IP address targeting the configuration file endpoint, for example using curl: curl http://<device-ip>/config.bin. If the configuration file is returned without requiring authentication, the device is vulnerable. [1]

Mitigation Strategies

Immediate mitigation steps include updating the device firmware to the latest version provided by TP-Link, as updates addressing this vulnerability are available on TP-Link's official support pages. Additionally, restricting network access to the device's management interface and monitoring for unauthorized access attempts can help reduce risk. [1]

Compliance Impact

The vulnerability allows unauthenticated attackers to download the device's configuration file, exposing sensitive information such as administrator credentials. This exposure of sensitive data could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding sensitive information against unauthorized access. Therefore, this vulnerability poses a risk to compliance with such standards by potentially enabling unauthorized data disclosure. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14738. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart