CVE-2025-15606 | TP-Link TD-W8961N 4.0 Httpd Service denial of service

VDB-352576 · CVE-2025-15606 · GCVE-0-2025-15606 TP-LINK TD-W8961N 4.0 HTTPD SERVICE DENIAL OF SERVICE HISTORYDIFFRELATEJSONXMLCTI CVSS Meta Temp Score Current Exploit Price (≈) CTI Interest Score 4.1 $0-$5k 2.49+ Summaryinfo A vulnerability classified as problematic was found in TP-Link TD-W8961N 4.0. This issue affects some unknown processing of the component Httpd Service. Executing a manipulation can lead to denial of service. This vulnerability is handled as CVE-2025-15606. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is advised. Detailsinfo A vulnerability classified as problematic was found in TP-Link TD-W8961N 4.0. This vulnerability affects an unknown function of the component Httpd Service. The manipulation with an unknown input leads to a denial of service vulnerability. The CWE definition for the vulnerability is CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. As an impact it is known to affect availability. CVE summarizes: A Denial-of-Service (DoS) vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization, allows crafted requests to trigger a processing error that causes the httpd service to crash. Successful exploitation may allow the attacker to cause service interruption, resulting in a DoS condition. The weakness was released by RONBUB. The advisory is shared for download at tp-link.com. This vulnerability was named CVE-2025-15606 since 03/10/2026. The exploitation appears to be easy. The attack needs to approached within the local network. No form of authentication is required for a successful exploitation. There are neither technical details nor an exploit publicly available. Upgrading to version 4_250925 eliminates this vulnerability. Productinfo Vendor TP-Link Name TD-W8961N Version 4.0 License commercial Website Vendor: https://www.tp-link.com/ CPE 2.3info 🔒 CPE 2.2info 🔒 CVSSv4info VulDB Vector: 🔒 VulDB Reliability: 🔍 CNA CVSS-B Score: 🔒 CNA CVSS-BT Score: 🔒 CNA Vector: 🔒 CVSSv3info VulDB Meta Base Score: 4.3 VulDB Meta Temp Score: 4.1 VulDB Base Score: 4.3 VulDB Temp Score: 4.1 VulDB Vector: 🔒 VulDB Reliability: 🔍 CVSSv2info Vector Complexity Authentication Confidentiality Integrity Availability Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock VulDB Base Score: 🔒 VulDB Temp Score: 🔒 VulDB Reliability: 🔍 Exploitinginfo Class: Denial of service CWE: CWE-404 CAPEC: 🔒 ATT&CK: 🔒 Physical: No Local: No Remote: Partially Availability: 🔒 Status: Not defined Price Prediction: 🔍 Current Price Estimation: 🔒 0-Day Unlock Unlock Unlock Unlock Today Unlock Unlock Unlock Unlock Threat Intelligenceinfo Interest: 🔍 Active Actors: 🔍 Active APT Groups: 🔍 Countermeasuresinfo Recommended: Upgrade Status: 🔍 0-Day Time: 🔒 Upgrade: TD-W8961N 4_250925 Timelineinfo 03/10/2026 CVE reserved 03/23/2026 +13 days Advisory disclosed 03/23/2026 +0 days VulDB entry created 03/23/2026 +0 days VulDB entry last update Sourcesinfo Vendor: tp-link.com Advisory: tp-link.com Researcher: RONBUB Status: Confirmed CVE: CVE-2025-15606 (🔒) GCVE (CVE): GCVE-0-2025-15606 GCVE (VulDB): GCVE-100-352576 Entryinfo Created: 03/23/2026 20:13 Changes: 03/23/2026 20:13 (68) Complete: 🔍 Cache ID: 99:E05:101 Discussion No comments yet. Languages: en. Please log in to comment. ◂ PreviousOverviewNext ▸