MEIFP – Most Exploited Internet-Facing Products

TP-Link Systems Inc.

Products: AX10 V1/V1.2/V2/V2.6/V3/V3.6 · AX1500 V1/V1.20/V1.26/V1.60/V1.80/V2.60/V3.6 · Archer C7(EU) V2 · TL-WR841N V11 · TL-WR841N/ND(MS) V9 · TL-WR940N V4

24.0

Score

CVEs

Active

PoC

KEV

#114

Rank

Period:

Product:

CVE ID	Published	CVSS	Exploit	KEV	AC	PR	Auto	Score(hover)	Affected Products	Description
CVE-2025-9961	2025-09-06	8.6v4.0	POC	—	Low	High	no	0.0	AX10 V1/V1.2/V2/V2.6/V3/V3.6AX1500 V1/V1.20/V1.26/V1.60/V1.80/V2.60/V3.6	An authenticated attacker may remotely execute arbitrary code via the CWMP binary on the devices AX10 and AX1500. The exploit can only be conducted via a Man-In-The-Middle (MITM) attack. This issue affects AX10 V1/V1.2/V2/V2.6/V3/V3.6: before 1.2.1; AX1500 V1/V1.20/V1.26/V1.60/V1.80/V2.60/V3.6:
CVE-2025-9377	2025-08-29	8.6v4.0	ACTIVE		Low	High	no	24.0	Archer C7(EU) V2TL-WR841N/ND(MS) V9	The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-l
CVE-2025-6151	2025-06-17	8.2v4.0	POC	—	Low	High	no	0.0	TL-WR841N V11TL-WR940N V4	A vulnerability has been found in TP-Link TL-WR940N V4 and TL-WR841N V11. Affected by this issue is some unknown functionality of the file /userRpm/WanSlaacCfgRpm.htm, which may lead to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are no long

Each CVE: 10 pts base (Active only), boosted by:

KEV×2.0AC: Low×1.2PR: None×1.3PR: Low×1.1Auto×1.3