VYPR

Archer Nx600 Firmware

by TP-Link

CVEs (4)

  • CVE-2025-15517HigMar 23, 2026
    risk 0.53cvss 8.1epss 0.03

    A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 to certain cgi endpoints allows unauthenticated access intended for authenticated users. An attacker may perform privileged HTTP actions without authentication, including firmware…

  • CVE-2025-15605HigMar 23, 2026
    risk 0.47cvss 7.3epss 0.00

    A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them,…

  • CVE-2025-15519HigMar 23, 2026
    risk 0.47cvss 7.2epss 0.01

    Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary…

  • CVE-2025-15518HigMar 23, 2026
    risk 0.47cvss 7.2epss 0.01

    Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary…