Clickjacking Vulnerability in TP-Link Archer C1200 Web Management Interface
CVE-2025-6983

5.1MEDIUM

Key Information:

Vendor: Tp-link System Inc.
Status: Archer C1200
Vendor: CVE Published:; 16 July 2025

🔔 Create Tp-link System Inc. Vulnerability Alert

What is CVE-2025-6983?

A clickjacking vulnerability exists in the web management interface of the TP-Link Archer C1200 router. This flaw allows attackers to deceive users into executing unintended commands through manipulated UI elements overlaid on the legitimate webpage. Users navigating to the administration page may unknowingly interact with hidden frames that perform actions without their consent, potentially compromising network security. It is crucial for administrators to apply updates and implement security measures to mitigate this risk.

Affected Version(s)

Archer C1200 0 <= 1.1.5

References

https://www.tp-link.com/us/support/faq/4539/

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 16, 2025
Vulnerability Reserved
Jul 1, 2025