- Description
- TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- Products
- tl-wa855re_firmware
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 8.3
- Impact score
- 10
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:C/I:C/A:C
Data from CISA
- Vulnerability name
- TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability
- Exploit added on
- Sep 2, 2025
- Exploit action due
- Sep 23, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
CISA, TP-Link (CVE-2020-24363) ve WhatsApp (CVE-2025-55177) açıklarını KEV listesine ekledi. https://t.co/23WbbNkyMd #laykon #laykonbilisim #siberguvenlik #antivirus #verigüvenliği #narbulut #netwrix #logalarm #gaterzone #logtin #watchguard #bitdefender #transferchain ht
@LaykonBilisim
8 Sept 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL THREATS - Sept 7 ⚠️ PATCH NOW: • WhatsApp CVE-2025-55177 • TP-Link CVE-2020-24363 • Git CVE-2025-48384 🦠 PromptLock AI ransomware 🕳️ 16B credentials leaked 🛡️ Update systems, enable MFA Deadline: Sept 23 #CyberSecurity #ThreatIntel https:
@404LABSx
7 Sept 2025
113 Impressions
3 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL THREATS - Sept 7 ⚠️ PATCH NOW: • WhatsApp CVE-2025-55177 • TP-Link CVE-2020-24363 • Git CVE-2025-48384 🦠 PromptLock AI ransomware 🕳️ 16B credentials leaked 🛡️ Update systems, enable MFA Deadline: Sept 23 #CyberSecurity #ThreatIntel https:
@404LABSx
7 Sept 2025
99 Impressions
3 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA adds critical vulnerabilities in WhatsApp (CVE-2025-55177) and TP-Link devices (CVE-2020-24363) to its Known Exploited Vulnerabilities catalog, highlighting risks to users and federal agencies. #US #TPLinkFlaws #WhatsAppRisks https://t.co/3iPrk5mIuL
@TweetThreatNews
3 Sept 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Cyber Threat Digest – 2025-09-03 KEV: CVE-2020-24363 — TP-link TL-WA855RE Missing Authentication NVD: CVE-2024-12974 — Improper Neutralization of Input News: Hackers breach fintech firm in attempted… #cybersecurity #infosec #CVE More: https://t.co/J1fpKfnDnv
@dpharristech
3 Sept 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 @CISACyber update: 2 new CVEs added to KEV Catalog — actively exploited! 🔵CVE-2020-24363 (@TPLINK TL-WA855RE) 🔵CVE-2025-55177 (@WhatsApp ) ⚠️ Attackers already abusing them. 💬 How quickly should orgs patch KEVs vs. other vulnerabilities? 👉 Stay updated, fo
@TechNadu
3 Sept 2025
108 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISAが2つの既知の脆弱性をカタログに追加 CISA Adds Two Known Exploited Vulnerabilities to Catalog #CISA (Sep 2) CVE-2020-24363 TP-link TL-WA855RE の重要な機能の認証が欠落している脆弱性 CVE-2025-55177 Meta Platforms WhatsApp 不正認証脆
@foxbook
3 Sept 2025
29 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added TP-link TL-WA855RE and Meta Platforms WhatsApp vulnerabilities CVE-2020-24363 & CVE-2025-55177 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/dlW52Mc5jG & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec
@sirjameshackz
2 Sept 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-wa855re_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86507650-088D-4963-A99D-93FE0ABEABD1",
"versionEndExcluding": "200731"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-wa855re:v5:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "1B07916A-8E49-4DB0-8100-6CD07BAFBE06"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]