CVE-2025-9293

Name of the Vulnerable Software and Affected Versions TP-Link mobile applications (affected versions not specified)

Description A flaw in the certificate validation process could allow applications to accept untrusted server identities during TLS communication. An attacker with a privileged network position may intercept or modify traffic. Successful exploitation may compromise the confidentiality, integrity, and availability of application data. This could enable man-in-the-middle attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.