cbcvebase.
CVE-2020-24363
published 2020-08-31

Priority P1 · 87 · high · CVSS 3.1: 8.8
AV:A / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
KEV · ITW · EXPLOIT
CISA Known Exploited Vulnerability, due 2025-09-23
Exploited in the wild
EPSS: 20.69% (97.2nd percentile)
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password.

Affected

1 range

Vendor   Product              Version range   Fixed in
tp-link  tl-wa855re_firmware  < 200731        200731

Detection & IOCs (extracted from sources)

url:     /?code=5&asyn=0
command: POST /?code=5&asyn=0 HTTP/1.1
         Content-Type: text/plain;charset=UTF-8
         0|1,0,0
other:   TDDP_RESET code=5
  • Alert on POST requests to '/?code=5&asyn=0' with a body of '0|1,0,0' targeting TP-Link range extender devices on the local network.
  • Monitor for X-Requested-With: XMLHttpRequest header combined with Content-Type: text/plain;charset=UTF-8 in POST requests to TP-Link device management endpoints, which is characteristic of this exploit's HTTP fingerprint.
  • Exploit only works against firmware version TL-WA855RE(US)_V5_200415; the vendor patched this in firmware TL-WA855RE(US)_V5_200731.
  • The attacker must be on the same network as the device; this is not a remote internet-facing exploit.
  • CISA notes the impacted product may be end-of-life/end-of-service; patching may not be available and discontinuation of use may be required.
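A log-side check for the indicators above, added here as an example (not code from the page or the vendor): it parses captured raw HTTP requests and flags the exact TDDP_RESET request separately from POSTs that only carry the header fingerprint. The sample requests, the placeholder host `extender.lan` and the function names are constructed for the example.

```python
# Added detection example for the indicators above (constructed, not the page's
# or the vendor's code). Input: raw HTTP request texts as a proxy/IDS might log them.
from urllib.parse import parse_qs, urlsplit

RESET_QUERY = {"code": ["5"], "asyn": ["0"]}   # target /?code=5&asyn=0
RESET_BODY = "0|1,0,0"
FINGERPRINT_HEADERS = {                        # compared case-insensitively
    "x-requested-with": "xmlhttprequest",
    "content-type": "text/plain;charset=utf-8",
}

def parse_request(raw):
    """Split a raw HTTP/1.x request into (method, target, headers, body)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    parts = lines[0].split()
    if len(parts) < 2:                         # malformed request line
        return "", "", {}, ""
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip().lower()
    return parts[0], parts[1], headers, body.strip()

def classify(raw):
    """'reset': the exact TDDP_RESET request; 'fingerprint': the header
    pattern on some other POST; 'benign': anything else."""
    method, target, headers, body = parse_request(raw)
    url = urlsplit(target)
    if (method == "POST" and url.path == "/"
            and parse_qs(url.query) == RESET_QUERY and body == RESET_BODY):
        return "reset"
    if method == "POST" and all(headers.get(k) == v for k, v in FINGERPRINT_HEADERS.items()):
        return "fingerprint"
    return "benign"

def scan(requests):
    """Return (index, verdict) for every request that is not benign."""
    return [(i, v) for i, r in enumerate(requests) if (v := classify(r)) != "benign"]

SAMPLE_REQUESTS = [  # constructed samples; 'extender.lan' is a placeholder host
    "POST /?code=5&asyn=0 HTTP/1.1\r\nHost: extender.lan\r\n"
    "Content-Type: text/plain;charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\n\r\n0|1,0,0",
    "GET /?code=5&asyn=0 HTTP/1.1\r\nHost: extender.lan\r\n\r\n",
    "POST /?code=2&asyn=1 HTTP/1.1\r\nHost: extender.lan\r\n"
    "Content-Type: text/plain;charset=UTF-8\r\nX-Requested-With: XMLHttpRequest\r\n\r\n0|1,0,0",
    "POST /login HTTP/1.1\r\nHost: extender.lan\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n\r\nuser=admin",
]
```

Running `scan(SAMPLE_REQUESTS)` yields `[(0, "reset"), (2, "fingerprint")]`; the GET to the same path and the ordinary login POST are left alone.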

CVSS provenance

Source     Version  Score  Severity  Vector
nvd        v3.1     8.8    HIGH      CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd        v2.0     8.3    HIGH      AV:A/AC:L/Au:N/C:C/I:C/A:C
vulncheck           8.8    HIGH
cisa                8.8    HIGH