Unrated severityNVD Advisory· Published Jan 29, 2026· Updated Feb 26, 2026
Insecure Encryption in Communication with the Web Interface on TP-Link VX800v
CVE-2025-13399
Description
A weakness in the web interface’s application layer encryption in VX800v v1.0 allows an adjacent attacker to brute force the weak AES key and decrypt intercepted traffic. Successful exploitation requires network proximity but no authentication, and may result in high impact to confidentiality, integrity, and availability of transmitted data.
Affected products
1- TP-Link Systems Inc./VX800v v1.0v5Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.tp-link.com/de/support/download/vx800v/mitrepatch
- www.tp-link.com/us/support/faq/4930/mitrevendor-advisory
News mentions
0No linked articles in our index yet.