Unrated severityNVD Advisory· Published Jan 29, 2026· Updated Feb 13, 2026

Missing Application-Layer Encryption in Web Interface Endpoints on TP-Link VX800v

CVE-2025-15548

Description

Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application layer encryption, allowing a network adjacent attacker to intercept this traffic and compromise its confidentiality.

Affected products

Vonets/VX800vllm-create
Range: = v1.0
TP-Link Systems Inc./VX800v v1.0v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.tp-link.com/de/support/download/vx800v/mitrepatch
www.tp-link.com/us/support/faq/4930/mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000