github - ghsa-5j4q-7r76-c92w

ghsa-5j4q-7r76-c92w

Vulnerability from github

Published

2025-07-16 21:30

Modified

2025-11-03 21:34

Severity ?

6.9 (Medium) - CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Details

Use of Hard-coded Credentials in TP-Link Archer C50 V3(

<=

180703)/V4(

<=

250117

)/V5(

<=

200407

), allows attackers to decrypt the config.xml files.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-6982"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-798"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-16T20:15:26Z",
    "severity": "MODERATE"
  },
  "details": "Use of Hard-coded Credentials in TP-Link Archer C50 V3(\n\n\u003c=\n\n180703)/V4(\n\n\n\n\u003c=\n\n250117\n\n)/V5(\n\n\n\n\u003c=\n\n200407\n\n),\u00a0allows attackers to decrypt the config.xml files.",
  "id": "GHSA-5j4q-7r76-c92w",
  "modified": "2025-11-03T21:34:08Z",
  "published": "2025-07-16T21:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6982"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/554637"
    },
    {
      "type": "WEB",
      "url": "https://www.tp-link.com/us/support/faq/4538"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

CVE-2025-6982 (GCVE-0-2025-6982)

Vulnerability from cvelistv5

Published

2025-07-16 20:01

Modified

2025-11-03 20:07

Severity ?

6.9 (Medium) - CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CWE

CWE-798 - Use of Hard-coded Credentials

Summary

Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( <= 200407 ), allows attackers to decrypt the config.xml files.

References

URL

Tags

https://www.tp-link.com/us/support/faq/4538/

Impacted products

Vendor

Product

Version

TP-Link System Inc.

Version: 0

	TP-Link System Inc.	Archer C50 V4	Version: 0
	TP-Link System Inc.	Archer C50 V5	Version: 0

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6982",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-18T14:20:25.297362Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-18T14:20:32.075Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:07:18.484Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.kb.cert.org/vuls/id/554637"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Archer C50 V3",
          "vendor": "TP-Link System Inc.",
          "versions": [
            {
              "lessThanOrEqual": "180703",
              "status": "affected",
              "version": "0",
              "versionType": "date"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Archer C50 V4",
          "vendor": "TP-Link System Inc.",
          "versions": [
            {
              "lessThanOrEqual": "250117",
              "status": "affected",
              "version": "0",
              "versionType": "date"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Archer C50 V5",
          "vendor": "TP-Link System Inc.",
          "versions": [
            {
              "lessThanOrEqual": "200407",
              "status": "affected",
              "version": "0",
              "versionType": "date"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jai Bhortake (Organization: CoE - CNDS Lab, VJTI, Mumbai, India)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Use of Hard-coded Credentials in TP-Link Archer C50 V3(\n\n\u003cb\u003e\u0026lt;=\u003c/b\u003e\n\n180703)/V4(\n\n\n\n\u003cb\u003e\u0026lt;=\u003c/b\u003e\n\n250117\n\n)/V5(\n\n\n\n\u003cb\u003e\u0026lt;=\u003c/b\u003e\n\n200407\n\n),\u0026nbsp;\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eallows attackers to decrypt the config.xml files.\u0026nbsp;\u003c/span\u003e"
            }
          ],
          "value": "Use of Hard-coded Credentials in TP-Link Archer C50 V3(\n\n\u003c=\n\n180703)/V4(\n\n\n\n\u003c=\n\n250117\n\n)/V5(\n\n\n\n\u003c=\n\n200407\n\n),\u00a0allows attackers to decrypt the config.xml files."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-17T18:43:37.642Z",
        "orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
        "shortName": "TPLink"
      },
      "references": [
        {
          "url": "https://www.tp-link.com/us/support/faq/4538/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "tags": [
        "unsupported-when-assigned"
      ],
      "title": "Hardcoded DES Decryption Keys in TP-Link Archer C50 V3/V4/V5",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
    "assignerShortName": "TPLink",
    "cveId": "CVE-2025-6982",
    "datePublished": "2025-07-16T20:01:41.382Z",
    "dateReserved": "2025-07-01T20:09:03.975Z",
    "dateUpdated": "2025-11-03T20:07:18.484Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.