Search
Find a vulnerability
Search criteria
2 vulnerabilities found for AXE75 by TP-Link Systems Inc.
CVE-2026-0620 (GCVE-0-2026-0620)
Vulnerability from nvd – Published: 2026-02-03 18:05 – Updated: 2026-02-04 20:46
VLAI
EPSS
VEX
Title
L2TP over IPSec Encryption Failure on ArcherAXE75
Summary
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.tp-link.com/en/support/download/arche… | patch |
| https://www.tp-link.com/us/support/download/arche… | patch |
| https://www.tp-link.com/us/support/faq/4942/ | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link Systems Inc. | AXE75 |
Affected:
0 , < <1.5.1 Build 20251202
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0620",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T20:46:07.340397Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T20:46:15.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"L2TP VPN"
],
"product": "AXE75",
"vendor": "TP-Link Systems Inc.",
"versions": [
{
"lessThan": "\u003c1.5.1 Build 20251202",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Henry Martinez"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled.\u0026nbsp;\u0026nbsp;This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality."
}
],
"value": "When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled.\u00a0\u00a0This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality."
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117 Interception"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T18:05:44.077Z",
"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"shortName": "TPLink"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.tp-link.com/us/support/faq/4942/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "L2TP over IPSec Encryption Failure on ArcherAXE75",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"assignerShortName": "TPLink",
"cveId": "CVE-2026-0620",
"datePublished": "2026-02-03T18:05:44.077Z",
"dateReserved": "2026-01-05T19:17:01.519Z",
"dateUpdated": "2026-02-04T20:46:15.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0620 (GCVE-0-2026-0620)
Vulnerability from cvelistv5 – Published: 2026-02-03 18:05 – Updated: 2026-02-04 20:46
VLAI
EPSS
VEX
Title
L2TP over IPSec Encryption Failure on ArcherAXE75
Summary
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://www.tp-link.com/en/support/download/arche… | patch |
| https://www.tp-link.com/us/support/download/arche… | patch |
| https://www.tp-link.com/us/support/faq/4942/ | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link Systems Inc. | AXE75 |
Affected:
0 , < <1.5.1 Build 20251202
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0620",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T20:46:07.340397Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T20:46:15.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"L2TP VPN"
],
"product": "AXE75",
"vendor": "TP-Link Systems Inc.",
"versions": [
{
"lessThan": "\u003c1.5.1 Build 20251202",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Henry Martinez"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled.\u0026nbsp;\u0026nbsp;This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality."
}
],
"value": "When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled.\u00a0\u00a0This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality."
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117 Interception"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693 Protection Mechanism Failure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-03T18:05:44.077Z",
"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"shortName": "TPLink"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.tp-link.com/us/support/faq/4942/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "L2TP over IPSec Encryption Failure on ArcherAXE75",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"assignerShortName": "TPLink",
"cveId": "CVE-2026-0620",
"datePublished": "2026-02-03T18:05:44.077Z",
"dateReserved": "2026-01-05T19:17:01.519Z",
"dateUpdated": "2026-02-04T20:46:15.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}