CVE-2025-15605
- EPSS 0.02%
- Veröffentlicht 23.03.2026 18:16:24
- Zuletzt bearbeitet 31.03.2026 19:04:37
A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them...
CVE-2025-15518
- EPSS 0.08%
- Veröffentlicht 23.03.2026 18:16:23
- Zuletzt bearbeitet 31.03.2026 19:05:01
Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privile...
CVE-2025-15519
- EPSS 0.08%
- Veröffentlicht 23.03.2026 18:16:23
- Zuletzt bearbeitet 31.03.2026 19:04:48
Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privile...
CVE-2025-15517
- EPSS 0.07%
- Veröffentlicht 23.03.2026 18:16:22
- Zuletzt bearbeitet 31.03.2026 19:08:33
A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 to certain cgi endpoints allows unauthenticated access intended for authenticated users. An attacker may perform privileged HTTP actions without authent...