TP-Link has patched several vulnerabilities in its
Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware.
Tracked as CVE-2025-15517, this security flaw affects Archer NX200, NX210, NX500, and NX600 wireless routers and stems from a
missing authentication weakness that attackers can exploit without privileges.
"A missing authentication check in the HTTP server to certain cgi endpoints allows unauthenticated access intended for authenticated users," TP-Link explained earlier this week when it released security updates that address the vulnerability.
"An attacker may perform privileged HTTP actions without authentication, including firmware upload and configuration operations."
TP-Link also removed a hardcoded cryptographic key (CVE-2025-15605) in the configuration mechanism, which allowed authenticated attackers to decrypt configuration files, modify them, and re-encrypt them.
Additionally, it addressed two command injection vulnerabilities (CVE-2025-15518 and CVE-2025-15519) that enable threat actors with admin privileges to execute arbitrary commands.
TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware.
www.bleepingcomputer.com
