High severity8.0NVD Advisory· Published Mar 9, 2026· Updated May 6, 2026

CVE-2025-15568

Description

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.

This issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107.

Affected products

TP-Link/Archer Axe75 Firmware3 versions
cpe:2.3:o:tp-link:archer_axe75_firmware:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:tp-link:archer_axe75_firmware:*:*:*:*:*:*:*:*range: <1.3.2
- cpe:2.3:o:tp-link:archer_axe75_firmware:1.3.2:-:*:*:*:*:*:*
- cpe:2.3:o:tp-link:archer_axe75_firmware:1.3.2:build_20250107:*:*:*:*:*:*
TP-Link Systems Inc./Archer AXE75 v1.6/v1.0v5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.tp-link.com/us/support/faq/5005/nvdVendor Advisory
www.tp-link.com/en/support/download/archer-axe75/v1/nvdProduct
www.tp-link.com/us/support/download/archer-axe75/v1.60/nvdProduct
www.tp-link.com/us/support/download/archer-axe75/v1/nvdProduct

News mentions

No linked articles in our index yet.

cvss	0.520
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000