VYPR

Archer NX200, NX210, NX500, NX600

by TP-Link

CVEs (2)

  • CVE-2025-15517HigMar 23, 2026
    risk 0.53cvss 8.1epss 0.03

    A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 to certain cgi endpoints allows unauthenticated access intended for authenticated users. An attacker may perform privileged HTTP actions without authentication, including firmware…

  • CVE-2025-15605HigMar 23, 2026
    risk 0.47cvss 7.3epss 0.00

    A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them,…