Researchers began to detect exploit attempts in the wild targeting the patched, high-severity flaw in TP-Link routers starting on April 11.
Active exploitation of the CVE-2022-47966 ManageEngine flaw is underway.
The critical-severity unauthenticated remote code execution flaw is now being actively exploited, according to CISA.