CVE-2025-15542 MEDIUM

CVE-2025-15542: Denial of Service (DoS) of VoIP Communication on TP-Link VX800v

Vendor Tp-Link Systems Inc.
Product VX800v v1.0
Weakness CWE-754
Published January 29, 2026
Last update January 29, 2026

CVSS base score

6.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with crafted INVITE messages, blocking all voice lines and causing a denial of service on incoming calls.

Key dates

02Disclosure timeline

January 29, 2026 CVE published
January 29, 2026 Record updated