- EPSS 0.17%
- Veröffentlicht 09.03.2026 16:19:05
- Zuletzt bearbeitet 06.05.2026 14:18:51
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode...
CVE-2025-15035
- EPSS 0.02%
- Veröffentlicht 09.01.2026 17:15:51
- Zuletzt bearbeitet 09.03.2026 15:27:05
Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded funct...
- EPSS 70.66%
- Veröffentlicht 02.12.2024 22:15:10
- Zuletzt bearbeitet 15.04.2026 00:35:42
An Authenticated Remote Code Execution (RCE) vulnerability affects the TP-Link Archer router series. A vulnerability exists in the "tmp_get_sites" function of the HomeShield functionality provided by TP-Link. This vulnerability is still exploitable w...
CVE-2024-38471
- EPSS 0.1%
- Veröffentlicht 04.07.2024 01:15:02
- Zuletzt bearbeitet 15.04.2026 00:35:42
Multiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by restoring a crafted backup file. The affected device, with the initial configuration, allows login only from the LAN port...
- EPSS 0.1%
- Veröffentlicht 11.01.2024 00:15:44
- Zuletzt bearbeitet 17.06.2025 20:15:29
Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands.
CVE-2024-21833
- EPSS 0.21%
- Veröffentlicht 11.01.2024 00:15:44
- Zuletzt bearbeitet 16.06.2025 19:15:30
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.