CVE-2025-15568
Command Injection Vulnerability on TP-Link Archer AXE75
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device. This issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107.
| CWE | CWE-78 |
| Vendor | tp-link systems inc. |
| Product | archer axe75 v1.6/v1.0 |
| Published | Mar 9, 2026 |
| Last Updated | Mar 13, 2026 |
Stay Ahead of the Next One
Get instant alerts for tp-link systems inc. archer axe75 v1.6/v1.0
Be the first to know when new unknown vulnerabilities affecting tp-link systems inc. archer axe75 v1.6/v1.0 are published β delivered to Slack, Telegram or Discord.
Get Free Alerts β
Free Β· No credit card Β· 60 sec setup
Affected Versions
TP-Link Systems Inc. / Archer AXE75 v1.6/v1.0
0 β€ 1.3.2 Build 20250107
References
tp-link.com: https://www.tp-link.com/us/support/download/archer-axe75/v1.60/#Firmware tp-link.com: https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware tp-link.com: https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware tp-link.com: https://www.tp-link.com/us/support/faq/5005/
Credits
Carlos AndrΓ©s Bello