
TP-Link fixes critical router vulnerabilities


TP-Link has announced that it has addressed several security vulnerabilities identified in its Archer NX router series and has recommended that users install the latest firmware version. Among the remediated vulnerabilities, there is reportedly a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware.

According to the information provided, the vulnerability tracked as CVE-2025-15517 affects the Archer NX200, NX210, NX500 and NX600 wireless router models. The flaw stems from a missing authentication check in the HTTP server for certain CGI endpoints. According to the company, an attacker exploiting this weakness may perform privileged HTTP actions without authentication, including firmware upload and configuration operations.
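The bug class described above, as an added illustration that is not TP-Link's code (the page does not show it): a dispatcher that leaves the session check to each handler, beside one that enforces it centrally and treats every route as protected unless marked public. The paths, struct fields and function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical request model; paths and fields are illustrative only. */
struct request { const char *path; int session_valid; };
typedef int (*handler_fn)(const struct request *);

/* Handlers stand in for the privileged action and return an HTTP status. */
static int h_login(const struct request *r)    { (void)r; return 200; }
static int h_firmware(const struct request *r) { (void)r; return 200; }
static int h_config(const struct request *r)   { (void)r; return 200; }

/* Only routes explicitly marked public may skip the session check. */
struct route { const char *path; handler_fn fn; int is_public; };
static const struct route routes[] = {
    { "/cgi/login",    h_login,    1 },
    { "/cgi/firmware", h_firmware, 0 },
    { "/cgi/config",   h_config,   0 },
};
#define NROUTES (sizeof routes / sizeof routes[0])

/* Flawed: dispatch relies on each handler to check the session itself.
   These handlers do not, so privileged actions run unauthenticated. */
int dispatch_per_handler(const struct request *r)
{
    for (size_t i = 0; i < NROUTES; i++)
        if (strcmp(r->path, routes[i].path) == 0)
            return routes[i].fn(r);
    return 404;
}

/* Hardened: the check runs once, before any handler, for every route
   that is not explicitly public, so a new endpoint is protected by default. */
int dispatch_central(const struct request *r)
{
    for (size_t i = 0; i < NROUTES; i++) {
        if (strcmp(r->path, routes[i].path) != 0) continue;
        if (!routes[i].is_public && !r->session_valid) return 401;
        return routes[i].fn(r);
    }
    return 404;
}

int main(void)
{
    struct request anon = { "/cgi/firmware", 0 };  /* constructed: no session */
    printf("per-handler=%d central=%d\n", dispatch_per_handler(&anon), dispatch_central(&anon));
    return 0;
}
```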

TP-Link also stated that it has removed a hardcoded cryptographic key in the configuration mechanism. This vulnerability, tracked as CVE-2025-15605, allowed authenticated attackers to decrypt configuration files, modify them and re-encrypt them. In addition, two command injection vulnerabilities, tracked as CVE-2025-15518 and CVE-2025-15519, have also been addressed. These flaws allowed threat actors with administrative privileges to execute arbitrary commands.

The company strongly recommended that users immediately download and install the latest firmware version in order to prevent potential attacks. TP-Link further noted that if the recommended actions are not taken, the vulnerability will remain and the company cannot bear responsibility for any consequences that could have been avoided by following the advisory.
