CVE-2025-14175

MEDIUM

TP-Link TL-WR820N v2.80 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-14175. PoCs published by CyberVinner.

AI-analyzed exploit summary This repository documents CVE-2025-14175, a vulnerability in TP-Link TL-WR820N's SSH server allowing weak cryptographic algorithms. It includes disclosure details, affected versions, and references but no exploit code.

Description

A vulnerability in the SSH server of TP-Link TL-WR820N v2.80 allows the use of a weak cryptographic algorithm, enabling an adjacent attacker to intercept and decrypt SSH traffic. Exploitation may expose sensitive information and compromise confidentiality.

Exploits (1)

nomisec WRITEUP
by CyberVinner · poc
https://github.com/CyberVinner/TP-Link-TL-WR820N-CVE-2025-14175

This repository documents CVE-2025-14175, a vulnerability in TP-Link TL-WR820N's SSH server allowing weak cryptographic algorithms. It includes disclosure details, affected versions, and references but no exploit code.

Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: TP-Link TL-WR820N (v2.80) firmware < 1.15.0 Build 250813
No auth needed
Prerequisites: Network access to the SSH service of the affected device
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 6.5
EPSS 0.0031
EPSS Percentile 22.1%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-327
Status published
Products (1)
tp-link/tl-wr820n_firmware < 1.15.0
Published Dec 29, 2025
Tracked Since Feb 18, 2026