What is the severity of CVE-2025-29650?

CVE-2025-29650 is classified as a high severity SQL Injection vulnerability.

How do I fix CVE-2025-29650?

To fix CVE-2025-29650, update the TP-Link M7200 4G LTE Mobile Wi-Fi Router Firmware to the latest version provided by TP-Link.

Who is affected by CVE-2025-29650?

Users of the TP-Link M7200 4G LTE Mobile Wi-Fi Router running Firmware Version 1.0.7 Build 180127 Rel.55998n are affected by CVE-2025-29650.

What type of vulnerability is CVE-2025-29650?

CVE-2025-29650 is a SQL Injection vulnerability allowing unauthenticated attackers to inject malicious SQL statements.

What are the consequences of exploiting CVE-2025-29650?

Exploiting CVE-2025-29650 could allow attackers to gain unauthorized access to sensitive data stored in the database.

Vulnerability/
CVE-2025-29650

medium

6.3

CWE

16/4/2025

24/4/2025

CVE-2025-29650: SQL Injection

First published: Wed Apr 16 2025(Updated: )

SQL Injection vulnerability exists in the TP-Link M7200 4G LTE Mobile Wi-Fi Router Firmware Version: 1.0.7 Build 180127 Rel.55998n, allowing an unauthenticated attacker to inject malicious SQL statements via the username and password fields. NOTE: this is disputed because the issue can only be reproduced on a supplier-provided emulator, where access control is intentionally absent for ease of functional testing.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
TP-Link M7200 4G LTE Mobile Wi-Fi Router
All of
TP-Link M7200	=1.0.7-build_180127_rel.55998n
TP-Link M7200 Firmware

Never miss a vulnerability like this again

Reference Links

https://github.com/TheVeteran1/Vulnerability-Research/blob/main/CVE-2025-29650

Frequently Asked Questions

What is the severity of CVE-2025-29650?
CVE-2025-29650 is classified as a high severity SQL Injection vulnerability.
How do I fix CVE-2025-29650?
To fix CVE-2025-29650, update the TP-Link M7200 4G LTE Mobile Wi-Fi Router Firmware to the latest version provided by TP-Link.
Who is affected by CVE-2025-29650?
Users of the TP-Link M7200 4G LTE Mobile Wi-Fi Router running Firmware Version 1.0.7 Build 180127 Rel.55998n are affected by CVE-2025-29650.
What type of vulnerability is CVE-2025-29650?
CVE-2025-29650 is a SQL Injection vulnerability allowing unauthenticated attackers to inject malicious SQL statements.
What are the consequences of exploiting CVE-2025-29650?
Exploiting CVE-2025-29650 could allow attackers to gain unauthorized access to sensitive data stored in the database.

agent/references
agent/type
agent/first-publish-date
agent/source
agent/author
agent/severity
agent/event
collector/mitre-cve
source/MITRE
agent/weakness
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/last-modified-date
agent/tags
agent/softwarecombine
collector/nvd-api
source/NVD
vendor/tp-link
canonical/tp-link m7200 4g lte mobile wi-fi router
canonical/tp-link m7200
version/tp-link m7200/1.0.7-build_180127_rel.55998n
canonical/tp-link m7200 firmware

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.