<ul data-eligibleForWebStory="true"><li>CISA has flagged a security issue affecting multiple TP-Link routers, with a command injection vulnerability allowing threat actors to execute system-level commands.</li><li>The affected routers have reached end-of-life status, dating back between 2010 and 2018, and are no longer receiving updates from TP-Link.</li><li>The vulnerability, tracked as CVE-2023-33538, impacts models like TP-Link TL-WR940N, TL-WR841N, and TL-WR740N.</li><li>There is no patch available to address the vulnerability, prompting users to replace outdated hardware with newer versions by the deadline of July 7, 2025.</li><li>Popular older models with thousands of positive reviews on Amazon are advised to be discontinued for usage.</li><li>Proof-of-concept exploits for these vulnerabilities are easily accessible online, posing a significant risk particularly for publicly exposed routers with remote access capabilities.</li></ul>

These popular TP-Link routers could be facing some serious security threats - find out if you're affected

Discover more