Denial-of-Service Vulnerability in TP-Link TD-W8961N v4.0
CVE-2025-15606

7.1HIGH

Key Information:

Vendor: Tp-link Systems Inc.
Status: Td-w8961n V4.0
Vendor: CVE Published:; 23 March 2026

🔔 Create Tp-link Systems Inc. Vulnerability Alert

What is CVE-2025-15606?

A Denial-of-Service vulnerability exists in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization. This flaw allows attackers to send specially crafted requests that result in a processing error, causing the httpd service to crash. When exploited, this vulnerability can lead to significant service disruptions, preventing legitimate users from accessing network services.

Affected Version(s)

TD-W8961N v4.0 RTOS 0

References

https://www.tp-link.com/en/support/download/td-w8961n/v4/...

patch

https://www.tp-link.com/us/support/faq/5028/

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 23, 2026
Vulnerability Reserved
Mar 9, 2026

Credit

RONBUB

CVE-2025-15606 Data

JSON