CVE-2025-15543

Published: Jan 29, 2026

Modified: Jan 29, 2026

PUBLISHED

Description

Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem contents, giving an attacker with physical access read‑only access to system files.

Vendor	Product	Versions
TP-Link Systems Inc.	VX800v v1.0	affected `0 - < 800.0.11 (0.11.0 3.0.0 v603c.0 Build 250702)`

Weaknesses (CWE)

CWE-59

References

https://www.tp-link.com/de/support/download/vx800v/#Firmware

patch

https://www.tp-link.com/us/support/faq/4930/

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-15543

Description

Affected Products

Weaknesses (CWE)

References