Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Sep 24, 2025

CVE-2023-50224

High
EPSS 1.5%CISA KEV
TP-Link/TL-WR841N

Description

TP-Link TL-WR841N contains an authentication bypass by spoofing vulnerability within the httpd service, which listens on TCP port 80 by default, leading to the disclose of stored credentials. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.

EPSS — Exploit Probability

1.5%

Higher than 80.6% of all CVEs

Required Action

https://www.tp-link.com/us/support/faq/4308/ ; https://nvd.nist.gov/vuln/detail/CVE-2023-50224

Related Articles (1)

Malware & Threats

TP-Link warns users to patch critical router auth bypass flaw

TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware.

Mar 25, 2026

Risk Assessment

ELEVATED
In CISA KEV

Details

Severity
High
EPSS
1.5%
CISA KEV
Yes
Ransomware
Unknown
Articles
1

Timeline

Published

Sep 3, 2025

Added to KEV

Sep 3, 2025

Remediation Due

Sep 24, 2025

Affected Product

TP-Link

TL-WR841N

View all TP-Link CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE