VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 18, 2025· Updated Feb 26, 2026

Command Injection Vulnerability in TP-Link WA850RE

CVE-2025-14737

Description

Command Injection vulnerability in TP-Link WA850RE (httpd modules) allows authenticated adjacent attacker to inject arbitrary commands.This issue affects: ≤ WA850RE V2_160527,

WA850RE V3_160922.

Affected products

2
  • TP-Link/WA850REllm-fuzzy
    Range: <= V2_160527, <= V3_160922
  • TP-Link Systems Inc./WA850REv5
    Range: 0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.