CVE-2025-15605
Hardcoded Cryptographic Key in Configuration Encryption Mechanism on TP-Link Archer NX200, NX210, NX500 and NX600
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the confidentiality and integrity of device configuration data.
| CWE | CWE-321 |
| Vendor | tp-link systems inc. |
| Product | archer nx600 v3.0 |
| Published | Mar 23, 2026 |
| Last Updated | Mar 24, 2026 |
Stay Ahead of the Next One
Get instant alerts for tp-link systems inc. archer nx600 v3.0
Be the first to know when new unknown vulnerabilities affecting tp-link systems inc. archer nx600 v3.0 are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
TP-Link Systems Inc. / Archer NX600 v3.0
0 < 1.3.0 Build 260309
TP-Link Systems Inc. / Archer NX600 v2.0
0 < 1.3.0 Build 260311
TP-Link Systems Inc. / Archer NX600 v1.0
0 < 1.4.0 Build 260311
TP-Link Systems Inc. / Archer NX500 v2.0
0 < < 1.5.0 Build 260309
TP-Link Systems Inc. / Archer NX500 v1.0
0 < 1.3.0 Build 260311
TP-Link Systems Inc. / Archer NX210 v3.0
0 < 1.3.0 Build 260309
TP-Link Systems Inc. / Archer NX210 v2.0 v2.20
0 < 1.3.0 Build 260311
TP-Link Systems Inc. / Archer NX200 v3.0
0 < < 1.3.0 Build 260309
TP-Link Systems Inc. / Archer NX200 v2.20
0 < 1.3.0 Build 260311
TP-Link Systems Inc. / Archer NX200 v2.0
0 < 1.3.0 Build 260311
TP-Link Systems Inc. / Archer NX200 v1.0
0 < 1.8.0 Build 260311
References
tp-link.com: https://www.tp-link.com/en/support/download/archer-nx200/#Firmware tp-link.com: https://www.tp-link.com/en/support/download/archer-nx210/#Firmware tp-link.com: https://www.tp-link.com/en/support/download/archer-nx500/#Firmware tp-link.com: https://www.tp-link.com/en/support/download/archer-nx600/#Firmware tp-link.com: https://www.tp-link.com/us/support/faq/5027/
Credits
Saifeldeen Aziz from Cyshield