CVE-2025-6982

UNKNOWN 0.0

Hardcoded DES Decryption Keys in TP-Link Archer C50 V3/V4/V5 and C20 V5

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

10th

Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( <= 200407 ), and C20 V5 (<US_V5_260419 or <EU_V5_260317) allows attackers to decrypt the config.xml files.

CWE	CWE-798
Vendor	tp-link systems inc.
Product	archer c50 v3
Published	Jul 16, 2025
Last Updated	Apr 22, 2026

Stay Ahead of the Next One

Get instant alerts for tp-link systems inc. archer c50 v3

Be the first to know when new unknown vulnerabilities affecting tp-link systems inc. archer c50 v3 are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

TP-Link Systems Inc. / Archer C50 V3

0 ≤ 180703

TP-Link Systems Inc. / Archer C50 V4

0 ≤ 250117

TP-Link Systems Inc. / Archer C50 V5

0 ≤ 200407

TP-Link Systems Inc. / Archer C20 V5

0 < US_V5_260419 0 < EU_V5_260317

References

NVD ↗ CVE.org ↗ EPSS Data ↗

tp-link.com: https://www.tp-link.com/us/support/faq/4538/ tp-link.com: https://www.tp-link.com/us/support/download/archer-c20/v5/#Firmware tp-link.com: https://www.tp-link.com/en/support/download/archer-c20/v5/#Firmware kb.cert.org: https://www.kb.cert.org/vuls/id/554637