High severity8.0NVD Advisory· Published Mar 9, 2026· Updated May 6, 2026
CVE-2025-15568
CVE-2025-15568
Description
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.
This issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:o:tp-link:archer_axe75_firmware:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:tp-link:archer_axe75_firmware:*:*:*:*:*:*:*:*range: <1.3.2
- cpe:2.3:o:tp-link:archer_axe75_firmware:1.3.2:-:*:*:*:*:*:*
- cpe:2.3:o:tp-link:archer_axe75_firmware:1.3.2:build_20250107:*:*:*:*:*:*
- (no CPE)range: <=1.3.2 Build 20250107
- Range: 0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.