VYPR

Archer Ax53 Firmware

by TP-Link

CVEs (18)

  • CVE-2025-15608CriMar 20, 2026
    risk 0.64cvss 9.8epss 0.01

    This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote…

  • CVE-2025-15607CriMar 20, 2026
    risk 0.64cvss 9.8epss 0.02

    A command injection vulnerability on AX53 v1 occurs in mscd debug functionality due to insufficient input handling, allowing log redirection to arbitrary files and concatenation of unvalidated file content into shell commands, enabling authenticated attackers to inject and…

  • CVE-2026-0834HigJan 21, 2026
    risk 0.57cvss 8.8epss 0.00

    Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 (TDDP module) allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can…

  • CVE-2026-30818HigApr 8, 2026
    risk 0.52cvss 8.0epss 0.01

    An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may…

  • CVE-2026-30815HigApr 8, 2026
    risk 0.52cvss 8.0epss 0.01

    An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation…

  • CVE-2026-30814HigApr 8, 2026
    risk 0.52cvss 8.0epss 0.00

    A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a…

  • CVE-2026-30817MedApr 8, 2026
    risk 0.37cvss 5.7epss 0.00

    An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary…

  • CVE-2026-30816MedApr 8, 2026
    risk 0.37cvss 5.7epss 0.00

    An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is processed.  Successful exploitation may allow unauthorized access to arbitrary…

  • CVE-2025-62673Feb 3, 2026
    risk 0.00cvss epss 0.01

    Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects…

  • CVE-2025-62501Feb 3, 2026
    risk 0.00cvss epss 0.00

    SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) attack. This could enable unauthorized access if captured credentials are…

  • CVE-2025-62405Feb 3, 2026
    risk 0.00cvss epss 0.00

    Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the…

  • CVE-2025-62404Feb 3, 2026
    risk 0.00cvss epss 0.00

    Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected…

  • CVE-2025-61983Feb 3, 2026
    risk 0.00cvss epss 0.00

    Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields…

  • CVE-2025-61944Feb 3, 2026
    risk 0.00cvss epss 0.00

    Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields…

  • CVE-2025-59487Feb 3, 2026
    risk 0.00cvss epss 0.00

    Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. The vulnerability arises from improper validation of a packet field whose offset…

  • CVE-2025-59482Feb 3, 2026
    risk 0.00cvss epss 0.00

    Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the…

  • CVE-2025-58455Feb 3, 2026
    risk 0.00cvss epss 0.00

    Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected…

  • CVE-2025-58077Feb 3, 2026
    risk 0.00cvss epss 0.00

    Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted set of network packets containing an excessive number of…