TP-Link fixed some security flaws in its Archer NX routers. CVE-2025-15517 is a security flaw that affects Archer NX200, NX210, NX500, and NX600 wireless routers. It is due to a lack of authentication that attackers can use without special access.
“A missing authentication check in the HTTP server to certain cgi endpoints allows unauthenticated access intended for authenticated users,” TP-Link explained earlier this week when it released security updates that address the vulnerability.
“An attacker may perform privileged HTTP actions without authentication, including firmware upload and configuration operations.”
TP-Link also removed a hardcoded key (CVE-2025-15605) in the setup process. This key let attackers who were logged in open configuration files, change them, and re-save them.
It also fixed two command injection problems (CVE-2025-15518 and CVE-2025-15519) that let people with admin access run any commands they want.
The company strongly suggested that customers download and install the newest firmware version to stop possible attacks using these weaknesses.
“If you do not take all recommended actions, this vulnerability will remain. TP-Link cannot bear any responsibility for consequences that could have been avoided by following this advisory,” it added.
In September, TP-Link had to quickly issue fixes for a serious security issue affecting several router types. They did not provide updates after a May 2024 report. This flaw let hackers intercept or change unencrypted data, redirect DNS requests to harmful servers, and add bad code to web sessions.
CISA added two more TP-Link problems (CVE-2023-50224 and CVE-2025-9377) to its list of Known Exploited Vulnerabilities in September. The Quad7 botnet has been using these to attack weak routers.
The U.S. cybersecurity agency has reported six TP-Link weaknesses being used in attacks. The oldest one is a directory traversal issue (CVE-2015-3035) that impacts many Archer devices.
The U.S. Federal Communications Commission has changed its Covered List. Now it includes all consumer routers made in other countries. U.S ban the sale of new routers made outside the U.S. because they pose a serious risk to national security.
InfoSecBulletin Cybersecurity for mankind
