VYPR
High severity8.0NVD Advisory· Published Mar 9, 2026· Updated May 6, 2026

CVE-2025-15568

CVE-2025-15568

Description

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.

This issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:o:tp-link:archer_axe75_firmware:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:tp-link:archer_axe75_firmware:*:*:*:*:*:*:*:*range: <1.3.2
    • cpe:2.3:o:tp-link:archer_axe75_firmware:1.3.2:-:*:*:*:*:*:*
    • cpe:2.3:o:tp-link:archer_axe75_firmware:1.3.2:build_20250107:*:*:*:*:*:*
    • (no CPE)range: <=1.3.2 Build 20250107
  • Range: 0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.