Cyber Security News

TP-Link Router Vulnerabilities Allow Attackers to Execute Malicious SQL Commands

Cybersecurity researchers have uncovered critical SQL injection vulnerabilities in four TP-Link router models, enabling attackers to execute malicious commands, bypass authentication, and potentially hijack devices.

The flaws, discovered by researcher The Veteran between February and March 2025, highlight ongoing security risks in widely used networking hardware.

The vulnerabilities impact both enterprise and consumer routers, including mobile Wi-Fi hotspots. Below is a summary of the flaws:

CVE IDAffected ProductFirmware VersionDiscovery Date
CVE-2025-29648TP-Link EAP120 Router1.0February 2025
CVE-2025-29649TP-Link TL-WR840N Router1.0February 2025
CVE-2025-29650TP-Link M7200 4G LTE Mobile Router1.0.7March 2025
CVE-2025-29653TP-Link M7450 4G LTE Mobile Router1.0.2March 2025

Technical Overview

All four vulnerabilities stem from unsanitized user input in login dashboards. Attackers can inject malicious SQL statements into username or password fields, exploiting poorly configured authentication mechanisms. Successful exploitation allows:

  • Authentication bypass to gain administrative access.
  • Execution of arbitrary SQL commands to manipulate router databases.
  • Potential lateral movement within connected networks.

The Veteran noted, “These flaws are alarmingly straightforward to exploit. Attackers could compromise routers in minutes, turning them into entry points for larger network breaches.”

Compromised routers could enable:

  • Data interception (e.g., redirecting traffic to phishing sites).
  • Malware distribution to connected devices.
  • Network disruption via DNS hijacking or firmware tampering.

TP-Link has not yet released patches for the affected models as of April 2025. Users of the EAP120, TL-WR840N, M7200, and M7450 are urged to monitor for firmware updates.

  1. Isolate affected routers: Temporarily disconnect from critical networks.
  2. Enable auto-updates: Check TP-Link’s official portal for firmware releases.
  3. Use secondary authentication: Implement VPNs or multi-factor authentication (MFA) where possible.
  4. Monitor traffic: Look for unusual activity, such as unrecognized devices or configuration changes.

The Veteran reported the flaws through standard disclosure channels and published technical analyses on GitHub. “Vendors must adopt stricter input validation protocols,” they emphasized. “These vulnerabilities are preventable with basic security practices.”

As IoT devices proliferate, robust security measures are non-negotiable. TP-Link users should treat these vulnerabilities with urgency and apply patches immediately upon release. 

Find this News Interesting! Follow us on Google NewsLinkedIn, & X to Get Instant Updates!

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Threat Actor Evades SentinelOne EDR to Deploy Babuk Ransomware

Aon’s Stroz Friedberg Incident Response Services has uncovered a method used by a threat actor…

23 seconds ago

Samsung MagicINFO 9 Server Vulnerability Actively Exploited in the Wild

A critical security vulnerability in the Samsung MagicINFO 9 Server has come under active exploit,…

27 seconds ago

UK Retail Chains Targeted by Ransomware Attackers Claiming Data Theft

Major ransomware campaign targeting UK retailers has escalated as hackers provided BBC News with evidence…

11 minutes ago

Researcher Exploits Regex Filter Flaw to Gain Remote Code Execution

Target application included a username field restricted by a frontend regex filter (/^[a-zA-Z0-9]{1,20}$/), designed to…

16 minutes ago

TikTok Hit with €530 Million Fine Over Data Transfers to China

Irish Data Protection Commission (DPC) has imposed a landmark €530 million fine on TikTok Technology…

30 minutes ago

xAI API Key Leak Exposes Proprietary Language Models on GitHub

Employee at Elon Musk’s artificial intelligence firm xAI inadvertently exposed a private API key on…

38 minutes ago