TP-Link Patches High-Severity Router Vulnerabilities
TP-Link has released patches for four high-severity vulnerabilities in Archer NX router models that could be exploited to fully compromise devices.
The bugs, tracked as CVE-2025-15517, CVE-2025-15518, CVE-2025-15519, and CVE-2025-15605, were resolved in fresh firmware releases for the Archer NX200, NX210, NX500, and NX600 router models.
The first of the flaws, CVE-2025-15517, allows attackers to bypass authentication and perform actions such as firmware uploads or configuration operations, TP-Link notes in its advisory.
CVE-2026-15518 and CVE-2026-15519 are command injection bugs that require administrative privileges for successful exploitation, while CVE-2025-15605 exists because a hardcoded cryptographic key is used for configuration file encryption and decryption, allowing attackers to tamper with these files.
The fixes were rolled out one day before Cisco’s Talos researchers published details on 10 vulnerabilities affecting TP-Link’s Archer AX53 routers, including nine memory safety flaws and one misconfiguration issue that could lead to credentials leak.
Successful exploitation of these security defects could allow attackers to execute arbitrary code remotely on vulnerable devices or to leak credentials via a man‑in‑the‑middle (MITM) attack.
Talos reported the vulnerabilities to TP-Link in October, and the vendor rolled out fixes for its Archer AX53 v1.0 routers in early February.
Now, Talos has published technical details on all 10 bugs, as well as on 19 flaws in the Canva Affinity pixel and vector art manipulation tool, and one issue in Hikvision’s face recognition terminals.
Of the Affinity security defects, 18 could be exploited to leak sensitive information and one to execute arbitrary code using specially crafted EMF files.
The Hikvision vulnerability could be exploited remotely via specially crafted network packets to achieve arbitrary code execution.
This article was published by Security Week. Please check their website for the original content.
