High severity8.1NVD Advisory· Published Mar 23, 2026· Updated Mar 31, 2026

CVE-2025-15517

Description

A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 to certain cgi endpoints allows unauthenticated access intended for authenticated users. An attacker may perform privileged HTTP actions without authentication, including firmware upload and configuration operations.

Affected products

TP-Link/Archer Nx200 Firmware
cpe:2.3:o:tp-link:archer_nx200_firmware:*:*:*:*:*:*:*:*
Range: <1.3.0
TP-Link/Archer Nx210 Firmware
cpe:2.3:o:tp-link:archer_nx210_firmware:*:*:*:*:*:*:*:*
Range: <1.3.0
TP-Link/Archer Nx500 Firmware
cpe:2.3:o:tp-link:archer_nx500_firmware:*:*:*:*:*:*:*:*
Range: <1.5.0
TP-Link/Archer Nx600 Firmware
cpe:2.3:o:tp-link:archer_nx600_firmware:*:*:*:*:*:*:*:*
Range: <1.3.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.tp-link.com/us/support/faq/5027/nvdVendor Advisory
www.tp-link.com/en/support/download/archer-nx200/nvdProduct
www.tp-link.com/en/support/download/archer-nx210/nvdProduct
www.tp-link.com/en/support/download/archer-nx500/nvdProduct
www.tp-link.com/en/support/download/archer-nx600/nvdProduct

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000