Cybersecurity researchers have found critical SQL injection vulnerabilities in four TP-Link router models, which could allow attackers to bypass authentication, execute malicious commands, and potentially take control of the devices.
Discovered by researcher The Veteran between February and March 2025, these flaws affect both consumer and enterprise routers, including mobile Wi-Fi hotspots.
TP-Link Router Vulnerabilities
Here’s a summary of the affected products:
- CVE-2025-29648: TP-Link EAP120 Router, Firmware 1.0, February 2025
- CVE-2025-29649: TP-Link TL-WR840N Router, Firmware 1.0, February 2025
- CVE-2025-29650: TP-Link M7200 4G LTE Mobile Router, Firmware 1.0.7, March 2025
- CVE-2025-29653: TP-Link M7450 4G LTE Mobile Router, Firmware 1.0.2, March 2025
These vulnerabilities are caused by unsanitized user input in login dashboards, allowing attackers to inject malicious SQL commands. Exploiting these flaws can lead to:
- Authentication bypass for admin access
- Execution of arbitrary SQL commands
- Potential access to connected networks
The flaws are easy to exploit, and compromised routers could allow attackers to intercept data, spread malware, or disrupt networks.
TP-Link has not yet released patches, but users are advised to:
- Isolate affected routers
- Enable auto-updates and check for firmware releases
- Use secondary authentication, like VPNs or multi-factor authentication
- Monitor for unusual network activity
The Veteran shared the findings and published technical details on GitHub. This serves as a reminder for vendors to improve security measures, especially with the rise of IoT devices.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
![Nifty[.]com Infrastructure Exploited in Phishing Attack](https://firsthackersnews.com/wp-content/uploads/2023/10/Phishing-Attacks_-Recognize-and-Avoid-Email-Phishing-1-500x383.jpg)
Leave A Comment