TP-Link VPN Routers: Major Security Flaws Exposed
A recent discovery by researchers at Forescout's Vedere Labs has unveiled critical vulnerabilities in TP-Link's Omada and Festa VPN routers. These flaws, identified as CVE-2025-7850 and CVE-2025-7851, could potentially grant unauthorized access and control to threat actors, raising serious concerns about the security of these devices.
But here's where it gets controversial: the researchers found that TP-Link's previous attempt to fix a similar vulnerability, CVE-2024-21827, left behind some critical issues. An incomplete fix created a new path for attackers, allowing them to exploit residual debug code and gain root access.
By rooting a TP-Link Omada ER605v2 router, the researchers uncovered two key problems: the use of the same private key across multiple devices and the presence of old debug code. This meant that an attacker could potentially exploit the original root login path if they had access to the 'imagetypedebug' file.
And this is the part most people miss: the researchers also discovered a vulnerability in the Web UI of the ER605v2 router. The WireGuard VPN settings exposed a private-key field that was not properly secured, allowing authenticated users to inject arbitrary commands with root privileges. This vulnerability, CVE-2025-7850, could even be exploited without credentials in certain scenarios.
TP-Link has since released patches for both vulnerabilities, but the researchers at Vedere Labs recommend immediate action. They suggest applying the firmware patches and implementing additional security measures, such as deploying web application firewalls and disabling remote administration where possible.
So, what does this mean for users? It's a stark reminder of the importance of staying vigilant and keeping devices updated with the latest security patches. With the potential for unauthorized access and command injection, these vulnerabilities highlight the need for robust security practices.
What are your thoughts on this? Do you think these vulnerabilities could have been prevented? Share your insights and let's discuss the implications of these findings in the comments below!
