The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a critical vulnerability affecting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog. This high-severity flaw, designated as CVE-2020-24363, has a CVSS score of 8.8 and involves a missing authentication issue that could be exploited to gain elevated access to affected devices.
CISA warned that the vulnerability would allow an unauthenticated attacker on the same network to exploit a TDDP_RESET POST request, potentially enabling them to reset the device and establish incorrect access control by setting a new administrative password. Although a patch was available in firmware version TL-WA855RE(EU)_V5_200731, the device has reached its end-of-life status, meaning users likely won’t receive updates or security patches, urging them to consider replacing their devices.
The agency did not provide specific details regarding the active exploitation of this vulnerability, such as the identity of the attackers or the scope of the campaigns involved.
Additionally, CISA added another vulnerability to its KEV catalog, impacting WhatsApp. This security flaw, identified as CVE-2025-55177 with a CVSS score of 5.4, has been exploited as part of a targeted spyware campaign. WhatsApp confirmed that it sent in-app notifications to fewer than 200 users who might have been targeted, although specifics about the targets and the spyware vendor remain undisclosed.
Federal Civilian Executive Branch (FCEB) agencies are advised to implement necessary mitigations by September 23, 2025, for both vulnerabilities to mitigate potential threats.
Welcome to DediRock, your trusted partner in high-performance hosting solutions. At DediRock, we specialize in providing dedicated servers, VPS hosting, and cloud services tailored to meet the unique needs of businesses and individuals alike. Our mission is to deliver reliable, scalable, and secure hosting solutions that empower our clients to achieve their digital goals. With a commitment to exceptional customer support, cutting-edge technology, and robust infrastructure, DediRock stands out as a leader in the hosting industry. Join us and experience the difference that dedicated service and unwavering reliability can make for your online presence. Launch our website.