CVE-2025-15568

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...

CVE-2025-15568 Command Injection Vulnerability on TP-Link Archer AXE75

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...

CVE-2025-15568

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...

PT-2026-24082

Name of the Vulnerable Software and Affected Versions Archer AXE75 versions 1.0 through 1.3.2 Build 20250107 Description A command injection issue exists in the web module of the Archer AXE75 router. An authenticated attacker with adjacent-network access may be able to execute remote code RCE whe...

CVE-2026-0620 L2TP over IPSec Encryption Failure on ArcherAXE75

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

CVE-2025-15035

Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 vpn modules allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤...

CVE-2025-15035

CVE-2025-15035 affects TP-Link Archer AXE75 v1.6 (vpn modules) with builds up to 20250107. The flaw is described as improper input validation in the vpn modules, enabling an authenticated adjacent attacker to delete arbitrary server files, which can cause loss of critical system files and service...

TP-LINK Archer AXE75 安全漏洞

The TP-LINK Archer AXE75 is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK Archer AXE75 v1.6, which stems from improper input validation, and could lead to the deletion of arbitrary server files by an authenticated, neighboring attacker, resulting in the...

PT-2026-1765

Name of the Vulnerable Software and Affected Versions TP-Link Archer AXE75 versions through build 20250107 Description An improper input validation issue exists in the vpn modules of TP-Link Archer AXE75. An authenticated attacker in a nearby location can delete arbitrary server files, potentiall...

Exploit for CVE-2024-53375

CVE-2024-53375 TP-Link Archer series routers Authenticated OS...

PT-2024-5005 · Tp Link · Tp-Link Archer Ax3000 +3

Name of the Vulnerable Software and Affected Versions: TP-LINK products affected versions not specified TP-Link Archer AX3000 TP-Link Archer AXE75 TP-Link Archer AX5400 TP-Link Archer Air R5 TP-Link Archer AXE5400 Description: The issue allows a network-adjacent attacker with administrative...

The vulnerability of the microprogrammed software of TP-Link Archer AX3000, Archer AX5400, and Archer AXE75 routers allows a hacker to execute arbitrary commands.

The vulnerability of TP-Link Archer AX3000, Archer AX5400, and Archer AXE75 Wi-Fi routers exists due to the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2024-21821

Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands...

CVE-2024-21833

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi...

Design/Logic Flaw

Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer AX3000 firmware versions prior to "Archer AX3000JPV11.1.2 Build 20231115", Archer AX5400 firmware versions prior to "Archer AX5400JPV11.1.2...

CVE-2024-21833

Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi...

CVE-2024-21821

CVE-2024-21821 affects TP-LINK routers (e.g., Archer AX3000, AX5400, AXE75). A network-adjacent authenticated attacker with LAN/Wi‑Fi access can execute arbitrary OS commands due to inadequate input handling in the device OS. CVSS 3.1 base score 8.0 (ADJACENT, LOW{PR:L}, UI: NONE; impact C/I/A: H...

CVE-2024-21821

Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands...