CVSS 8.1
CVE-2025-15517 · PATCHED
tp-link · archer_nx600_firmware

Description

A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 for certain CGI endpoints allows unauthenticated access to endpoints intended for authenticated users. An attacker may perform privileged HTTP actions without authentication, including firmware upload and configuration operations.

Affected Products

Vendor | Product | Versions
tp-link | archer_nx600_firmware | < 1.3.0, < 1.5.0, < 1.3.0, < 1.3.0, < 1.3.0, < 1.4.0, < 1.3.0, < 1.3.0, < 1.3.0, < 1.8.0

References

  • https://www.tp-link.com/en/support/download/archer-nx200/#Firmware (Product)
  • https://www.tp-link.com/en/support/download/archer-nx210/#Firmware (Product)
  • https://www.tp-link.com/en/support/download/archer-nx500/#Firmware (Product)
  • https://www.tp-link.com/en/support/download/archer-nx600/#Firmware (Product)
  • https://www.tp-link.com/us/support/faq/5027/ (Vendor Advisory)

Related News (1 article)

Tier D
Heise Security · 15d ago
Attackers can load manipulated firmware onto TP-Link routers
→ No new info (linked only)

CVSS 3.1: 8.1 HIGH
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CISA KEV: ❌ No
Actively exploited: ❌ No
Patch available: 1.3.0, 1.5.0, 1.4.0, 1.8.0
CWE: CWE-306, CWE-20
Published: Mar 23, 2026
Last enriched: 8d ago (v2)
Trending Score: 4
Source articles: 1
Independent: 1
Info Completeness: 9/14
Missing: epss, kev, exploit, iocs, mitre_attack

Related CVEs (5)

HIGH · CVE-2025-15605
A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated att
Trending: 4
HIGH · CVE-2025-62501
SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) attack. Th
Trending: 4
HIGH · CVE-2025-15519
Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An
Trending: 4
HIGH · CVE-2025-15518
Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An
Trending: 4
HIGH · CVE-2025-62673
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially c
Trending: 4

Verification

State: verified
Confidence: 100%

Vulnerability Timeline

CVE Published: Mar 23, 2026
Patch Available: Mar 31, 2026
Discovered by ZDM: Apr 1, 2026
Updated (cweIds): Apr 1, 2026

Version History

v2 · Tier D · 8d ago (last enriched 8d ago)
Updated CWE IDs to include CWE-20, marked exploit availability as true, and corrected active exploitation status.
Changed fields: cweIds (via Heise Security)

v1 · 8d ago
Initial creation