CVE-2020-9375

HIGH

TP-Link Archer C50 V3 - Denial of Service via Crafted HTTP Referer Header

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2020-9375. PoCs published by thewhiteh4t, takertao.

AI-analyzed exploit summary This exploit demonstrates a Denial of Service (DoS) vulnerability in TP-Link Archer C50 v3 by sending malformed HTTP requests to the target device, causing it to refuse connections. The PoC attempts to connect to the device twice and checks for a connection refusal to confirm success.

Description

TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.

Exploits (3)

exploitdb WORKING POC
by thewhiteh4t · pythondoshardware
https://www.exploit-db.com/exploits/48255

This exploit demonstrates a Denial of Service (DoS) vulnerability in TP-Link Archer C50 v3 by sending malformed HTTP requests to the target device, causing it to refuse connections. The PoC attempts to connect to the device twice and checks for a connection refusal to confirm success.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: TP-Link Archer C50 v3 Build 171227
No auth needed
Prerequisites: Network access to the target device · Target device must be powered on and reachable
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 20 stars
by thewhiteh4t · poc
https://github.com/thewhiteh4t/cve-2020-9375

The repository contains a functional Python exploit for CVE-2020-9375, which triggers a denial of service (DoS) in TP-Link Archer C50 v3 devices by sending a crafted HTTP request with an unexpected Referer field. The exploit demonstrates the vulnerability by causing the target device to refuse connections.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: TP-Link Archer C50 v3 (Build 171227)
No auth needed
Prerequisites: Network access to the target device · Target device must be running a vulnerable firmware version
devstral-2 · analyzed Feb 18, 2026 Full analysis →
gitlab WORKING POC
by takertao · poc
https://gitlab.com/takertao/cve-2020-9375

The repository contains a functional Python exploit for CVE-2020-9375, a DoS vulnerability in TP-Link Archer C50 V3 devices. The exploit sends a crafted HTTP request with an unexpected Referer field to trigger a denial of service.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: TP-Link Archer C50 V3 (Build 171227)
No auth needed
Prerequisites: Network access to the target device · Target device must be running a vulnerable firmware version
devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 7.5
EPSS 0.2822
EPSS Percentile 97.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-772
Status published
Products (3)
tp-link/archer_c50 build_170822
tp-link/archer_c50 build_171227
tp-link/archer_c50 build_200318
Published Mar 25, 2020
Tracked Since Feb 18, 2026