Improper input validation in Tp-link Systems Inc. Td-w8961n V4.0

CVE-2025-15606

A Denial-of-Service (DoS) vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization, allows crafted requests to trigger a processing error that causes the httpd service to crash. Successful exploi…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.001 (21.0th percentile) — read the EPSS interpretation.

Affected products

Tp-link Systems Inc. Td-w8961n V4.0 — versions 0

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

www.tp-link.com/en/support/download/td-w8961n/v4/ (patch)
www.tp-link.com/us/support/faq/5028/ (vendor-advisory)