## https://sploitus.com/exploit?id=EF6E18E6-2399-515B-98D4-95AF3969AC62
# ๐ CVE-2025-14175
## Weak Algorithm Support in SSH Server โ TP-Link TL-WR820N





---
## ๐ Overview
This repository documents a security vulnerability identified in the **SSH server implementation** of the **TP-Link TL-WR820N (v2.80)** router.
The vulnerability allowed the use of **weak cryptographic algorithms**, potentially exposing the confidentiality of SSH traffic.
The issue was **responsibly disclosed**, **patched by the vendor**, and assigned **CVE-2025-14175**.
---
## ๐ง Vulnerability Summary
- **Product**: TP-Link TL-WR820N (v2.80)
- **CVE ID**: CVE-2025-14175
- **CWE**: CWE-327 โ Use of a Broken or Risky Cryptographic Algorithm
- **CVSS v4.0**: 6.0 (Medium)
- **Attack Vector**: Adjacent Network
- **Impact**: Confidentiality compromise
- **Status**: Fixed in the latest firmware
---
## ๐ Responsible Disclosure Timeline
| Event | Date |
|------|------|
| Discovery | 14 June 2025 |
| Reported to Vendor | 16 June 2025 |
| Fix Released | 25 Sep 2025 |
| CVE Published | 29 Dec 2025 |
---
## ๐ ๏ธ Affected & Fixed Versions
| Status | Firmware Version |
|------|------------------|
| โ Affected | ` โ ๏ธ This repository is intended **strictly for educational and research purposes**.
---
## ๐ References
- ๐ **CVE Record**: https://www.cve.org/cverecord?id=CVE-2025-14175
- ๐ก๏ธ **TP-Link Security Advisory**: https://www.tp-link.com/us/support/faq/4861/
- ๐ฆ **Firmware Downloads**: https://www.tp-link.com/in/support/download/tl-wr820n/
---
## ๐ค Researcher
**Vishwa V**
Cybersecurity Enthusiast | Student
SRM Institute of Science and Technology
---
โญ If you find this research useful, consider giving the repository a star.