Medium severity5.6NVD Advisory· Published Feb 5, 2026· Updated Apr 22, 2026

CVE-2025-15551

Description

The response coming from TP-Link Archer MR200 v5.2, C20 v5 and v6, TL-WR850N v3, and TL-WR845N v4 for any request is getting executed by the JavaScript function like eval directly without any check. Attackers can exploit this vulnerability via a Man-in-the-Middle (MitM) attack to execute JavaScript code on the router's admin web portal without the user's permission or knowledge.

Affected products

TP-Link/Archer Mr200 Firmware
cpe:2.3:o:tp-link:archer_mr200_firmware:*:*:*:*:*:*:*:*
Range: <250917
TP-Link/Archer C20 Firmware
cpe:2.3:o:tp-link:archer_c20_firmware:*:*:*:*:*:*:*:*
Range: <250630
TP-Link/Tl Wr850n Firmware
cpe:2.3:o:tp-link:tl-wr850n_firmware:*:*:*:*:*:*:*:*
Range: <0.9.1_Build251205
TP-Link/Tl Wr845n Firmware
cpe:2.3:o:tp-link:tl-wr845n_firmware:*:*:*:*:*:*:*:*
Range: <251031

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.tp-link.com/us/support/faq/4948/nvdVendor Advisory
www.tp-link.com/en/support/download/archer-c20/v6/nvdProduct
www.tp-link.com/en/support/download/archer-mr200/v5.20/nvdProduct
www.tp-link.com/en/support/download/tl-wr845n/nvdProduct
www.tp-link.com/in/support/download/archer-c20/v6/nvdProduct
www.tp-link.com/in/support/download/archer-mr200/v5.20/nvdProduct
www.tp-link.com/in/support/download/tl-wr845n/nvdProduct
www.tp-link.com/in/support/download/tl-wr850n/nvdProduct
www.tp-link.com/en/support/download/archer-c20/v5/nvd
www.tp-link.com/us/support/download/archer-c20/v5/nvd

News mentions

No linked articles in our index yet.

cvss	0.364
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000