Search criteria
8 vulnerabilities found for archer_axe75_firmware by tp-link
CVE-2025-15568 (GCVE-0-2025-15568)
Vulnerability from nvd – Published: 2026-03-09 16:19 – Updated: 2026-03-13 18:47
VLAI?
Title
Command Injection Vulnerability on TP-Link Archer AXE75
Summary
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.
This issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
4 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link Systems Inc. | Archer AXE75 v1.6/v1.0 |
Affected:
0 , ≤ 1.3.2 Build 20250107
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15568",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T03:55:28.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"web"
],
"product": "Archer AXE75 v1.6/v1.0",
"vendor": "TP-Link Systems Inc.",
"versions": [
{
"lessThanOrEqual": "1.3.2 Build 20250107",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Carlos Andr\u00e9s Bello"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.\n\n\u003cp\u003eThis issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107.\u003c/p\u003e"
}
],
"value": "A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.\n\nThis issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T18:47:10.993Z",
"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"shortName": "TPLink"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/us/support/download/archer-axe75/v1.60/#Firmware"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.tp-link.com/us/support/faq/5005/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Command Injection Vulnerability on TP-Link Archer AXE75",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"assignerShortName": "TPLink",
"cveId": "CVE-2025-15568",
"datePublished": "2026-03-09T16:19:05.777Z",
"dateReserved": "2026-02-06T17:04:43.464Z",
"dateUpdated": "2026-03-13T18:47:10.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15035 (GCVE-0-2025-15035)
Vulnerability from nvd – Published: 2026-01-09 17:10 – Updated: 2026-01-09 18:36
VLAI?
Title
Arbitrary File Deletion Vulnerability in TP-Link Archer AXE75
Summary
Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤ build 20250107.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
5 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link Systems Inc. | Archer AXE75 v1.6 |
Affected:
0 , ≤ build 20250107
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15035",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T17:46:12.475127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T18:36:41.597Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"vpn"
],
"product": "Archer AXE75 v1.6",
"vendor": "TP-Link Systems Inc.",
"versions": [
{
"lessThanOrEqual": "build 20250107",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yiheng An, Zhibin Zhang, Haozhe Zhang"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.\u003cp\u003eThis issue affects Archer AXE75 v1.6: \u2264 build 20250107.\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: \u2264 build 20250107."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T17:10:39.477Z",
"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"shortName": "TPLink"
},
"references": [
{
"url": "https://github.com/PaloAltoNetworks/u42-vulnerability-disclosures/tree/master/2025/PANW-2025-0004"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.tp-link.com/phppage/preview.php?url=https://www.tp-link.com/en/support/faq/4881/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Arbitrary File Deletion Vulnerability in TP-Link Archer AXE75",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"assignerShortName": "TPLink",
"cveId": "CVE-2025-15035",
"datePublished": "2026-01-09T17:10:39.477Z",
"dateReserved": "2025-12-22T21:12:18.518Z",
"dateUpdated": "2026-01-09T18:36:41.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-21833 (GCVE-0-2024-21833)
Vulnerability from nvd – Published: 2024-01-10 23:25 – Updated: 2025-06-16 18:26
VLAI?
Summary
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.
Severity ?
8.8 (High)
CWE
- OS command injection
Assigner
References
6 references
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link | Archer AX3000 |
Affected:
firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115"
|
|
| TP-Link | Archer AX5400 |
Affected:
firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115"
|
|
| TP-Link | Archer AXE75 |
Affected:
firmware versions prior to "Archer AXE75(JP)_V1_231115"
|
|
| TP-Link | Deco X50 |
Affected:
firmware versions prior to "Deco X50(JP)_V1_1.4.1 Build 20231122"
|
|
| TP-Link | Deco XE200 |
Affected:
firmware versions prior to "Deco XE200(JP)_V1_1.2.5 Build 20231120"
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU91401812/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:tp-link:archer_ax3000:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "archer_ax3000",
"vendor": "tp-link",
"versions": [
{
"lessThan": "ax3000(jp)_v1_1.1.2_build 20231115\"",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:tp-link:archer_ax5400:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "archer_ax5400",
"vendor": "tp-link",
"versions": [
{
"lessThan": "ax5400(jp)_v1_1.1.2_build_20231115",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:tp-link:archer_axe75:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "archer_axe75",
"vendor": "tp-link",
"versions": [
{
"lessThan": "axe75(jp)_ v1_231115",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:tp-link:deco_x50:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "deco_x50",
"vendor": "tp-link",
"versions": [
{
"lessThan": "deco_x50(jp)_V1_1.4.1_build 20231122\"",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:tp-link:deco_xe200:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "deco_xe200",
"vendor": "tp-link",
"versions": [
{
"lessThan": "deco_xe200(jp)_v1_1.2.5_build 20231120\"",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-21833",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-11T19:14:12.454572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T18:26:24.239Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Archer AX3000",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\""
}
]
},
{
"product": "Archer AX5400",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\""
}
]
},
{
"product": "Archer AXE75",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AXE75(JP)_V1_231115\""
}
]
},
{
"product": "Deco X50",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Deco X50(JP)_V1_1.4.1 Build 20231122\""
}
]
},
{
"product": "Deco XE200",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Deco XE200(JP)_V1_1.2.5 Build 20231120\""
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T23:03:48.528Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware"
},
{
"url": "https://jvn.jp/en/vu/JVNVU91401812/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-21833",
"datePublished": "2024-01-10T23:25:25.755Z",
"dateReserved": "2024-01-04T00:17:53.070Z",
"dateUpdated": "2025-06-16T18:26:24.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21821 (GCVE-0-2024-21821)
Vulnerability from nvd – Published: 2024-01-10 23:25 – Updated: 2025-06-17 20:05
VLAI?
Summary
Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands.
Severity ?
CWE
- OS command injection
Assigner
References
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link | Archer AX3000 |
Affected:
firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115"
|
|
| TP-Link | Archer AX5400 |
Affected:
firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115"
|
|
| TP-Link | Archer AXE75 |
Affected:
firmware versions prior to "Archer AXE75(JP)_V1_231115"
|
|
| TP-Link | Archer Air R5 |
Affected:
firmware versions prior to "Archer Air R5(JP)_V1_1.1.6 Build 20240508"
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-air-r5/v1/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU91401812/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-21821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T20:04:42.959856Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:05:42.917Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Archer AX3000",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\""
}
]
},
{
"product": "Archer AX5400",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\""
}
]
},
{
"product": "Archer AXE75",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AXE75(JP)_V1_231115\""
}
]
},
{
"product": "Archer Air R5",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer Air R5(JP)_V1_1.1.6 Build 20240508\""
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T23:04:01.432Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-air-r5/v1/#Firmware"
},
{
"url": "https://jvn.jp/en/vu/JVNVU91401812/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-21821",
"datePublished": "2024-01-10T23:25:07.433Z",
"dateReserved": "2024-01-04T00:17:52.223Z",
"dateUpdated": "2025-06-17T20:05:42.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-15568 (GCVE-0-2025-15568)
Vulnerability from cvelistv5 – Published: 2026-03-09 16:19 – Updated: 2026-03-13 18:47
VLAI?
Title
Command Injection Vulnerability on TP-Link Archer AXE75
Summary
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.
This issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107.
Severity ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
4 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link Systems Inc. | Archer AXE75 v1.6/v1.0 |
Affected:
0 , ≤ 1.3.2 Build 20250107
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15568",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T03:55:28.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"web"
],
"product": "Archer AXE75 v1.6/v1.0",
"vendor": "TP-Link Systems Inc.",
"versions": [
{
"lessThanOrEqual": "1.3.2 Build 20250107",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Carlos Andr\u00e9s Bello"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.\n\n\u003cp\u003eThis issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107.\u003c/p\u003e"
}
],
"value": "A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.\n\nThis issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-13T18:47:10.993Z",
"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"shortName": "TPLink"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/us/support/download/archer-axe75/v1.60/#Firmware"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.tp-link.com/us/support/faq/5005/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Command Injection Vulnerability on TP-Link Archer AXE75",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"assignerShortName": "TPLink",
"cveId": "CVE-2025-15568",
"datePublished": "2026-03-09T16:19:05.777Z",
"dateReserved": "2026-02-06T17:04:43.464Z",
"dateUpdated": "2026-03-13T18:47:10.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15035 (GCVE-0-2025-15035)
Vulnerability from cvelistv5 – Published: 2026-01-09 17:10 – Updated: 2026-01-09 18:36
VLAI?
Title
Arbitrary File Deletion Vulnerability in TP-Link Archer AXE75
Summary
Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤ build 20250107.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
5 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link Systems Inc. | Archer AXE75 v1.6 |
Affected:
0 , ≤ build 20250107
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15035",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T17:46:12.475127Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T18:36:41.597Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"vpn"
],
"product": "Archer AXE75 v1.6",
"vendor": "TP-Link Systems Inc.",
"versions": [
{
"lessThanOrEqual": "build 20250107",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yiheng An, Zhibin Zhang, Haozhe Zhang"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.\u003cp\u003eThis issue affects Archer AXE75 v1.6: \u2264 build 20250107.\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: \u2264 build 20250107."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T17:10:39.477Z",
"orgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"shortName": "TPLink"
},
"references": [
{
"url": "https://github.com/PaloAltoNetworks/u42-vulnerability-disclosures/tree/master/2025/PANW-2025-0004"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"patch"
],
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/v1/#Firmware"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.tp-link.com/phppage/preview.php?url=https://www.tp-link.com/en/support/faq/4881/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Arbitrary File Deletion Vulnerability in TP-Link Archer AXE75",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f23511db-6c3e-4e32-a477-6aa17d310630",
"assignerShortName": "TPLink",
"cveId": "CVE-2025-15035",
"datePublished": "2026-01-09T17:10:39.477Z",
"dateReserved": "2025-12-22T21:12:18.518Z",
"dateUpdated": "2026-01-09T18:36:41.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-21833 (GCVE-0-2024-21833)
Vulnerability from cvelistv5 – Published: 2024-01-10 23:25 – Updated: 2025-06-16 18:26
VLAI?
Summary
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.
Severity ?
8.8 (High)
CWE
- OS command injection
Assigner
References
6 references
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link | Archer AX3000 |
Affected:
firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115"
|
|
| TP-Link | Archer AX5400 |
Affected:
firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115"
|
|
| TP-Link | Archer AXE75 |
Affected:
firmware versions prior to "Archer AXE75(JP)_V1_231115"
|
|
| TP-Link | Deco X50 |
Affected:
firmware versions prior to "Deco X50(JP)_V1_1.4.1 Build 20231122"
|
|
| TP-Link | Deco XE200 |
Affected:
firmware versions prior to "Deco XE200(JP)_V1_1.2.5 Build 20231120"
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU91401812/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:tp-link:archer_ax3000:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "archer_ax3000",
"vendor": "tp-link",
"versions": [
{
"lessThan": "ax3000(jp)_v1_1.1.2_build 20231115\"",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:tp-link:archer_ax5400:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "archer_ax5400",
"vendor": "tp-link",
"versions": [
{
"lessThan": "ax5400(jp)_v1_1.1.2_build_20231115",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:tp-link:archer_axe75:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "archer_axe75",
"vendor": "tp-link",
"versions": [
{
"lessThan": "axe75(jp)_ v1_231115",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:tp-link:deco_x50:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "deco_x50",
"vendor": "tp-link",
"versions": [
{
"lessThan": "deco_x50(jp)_V1_1.4.1_build 20231122\"",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:tp-link:deco_xe200:1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "deco_xe200",
"vendor": "tp-link",
"versions": [
{
"lessThan": "deco_xe200(jp)_v1_1.2.5_build 20231120\"",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-21833",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-11T19:14:12.454572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T18:26:24.239Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Archer AX3000",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\""
}
]
},
{
"product": "Archer AX5400",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\""
}
]
},
{
"product": "Archer AXE75",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AXE75(JP)_V1_231115\""
}
]
},
{
"product": "Deco X50",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Deco X50(JP)_V1_1.4.1 Build 20231122\""
}
]
},
{
"product": "Deco XE200",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Deco XE200(JP)_V1_1.2.5 Build 20231120\""
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T23:03:48.528Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware"
},
{
"url": "https://jvn.jp/en/vu/JVNVU91401812/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-21833",
"datePublished": "2024-01-10T23:25:25.755Z",
"dateReserved": "2024-01-04T00:17:53.070Z",
"dateUpdated": "2025-06-16T18:26:24.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21821 (GCVE-0-2024-21821)
Vulnerability from cvelistv5 – Published: 2024-01-10 23:25 – Updated: 2025-06-17 20:05
VLAI?
Summary
Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands.
Severity ?
CWE
- OS command injection
Assigner
References
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| TP-Link | Archer AX3000 |
Affected:
firmware versions prior to "Archer AX3000(JP)_V1_1.1.2 Build 20231115"
|
|
| TP-Link | Archer AX5400 |
Affected:
firmware versions prior to "Archer AX5400(JP)_V1_1.1.2 Build 20231115"
|
|
| TP-Link | Archer AXE75 |
Affected:
firmware versions prior to "Archer AXE75(JP)_V1_231115"
|
|
| TP-Link | Archer Air R5 |
Affected:
firmware versions prior to "Archer Air R5(JP)_V1_1.1.6 Build 20240508"
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tp-link.com/jp/support/download/archer-air-r5/v1/#Firmware"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU91401812/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-21821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T20:04:42.959856Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:05:42.917Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Archer AX3000",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\""
}
]
},
{
"product": "Archer AX5400",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\""
}
]
},
{
"product": "Archer AXE75",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer AXE75(JP)_V1_231115\""
}
]
},
{
"product": "Archer Air R5",
"vendor": "TP-Link",
"versions": [
{
"status": "affected",
"version": "firmware versions prior to \"Archer Air R5(JP)_V1_1.1.6 Build 20240508\""
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS command injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-03T23:04:01.432Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware"
},
{
"url": "https://www.tp-link.com/jp/support/download/archer-air-r5/v1/#Firmware"
},
{
"url": "https://jvn.jp/en/vu/JVNVU91401812/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2024-21821",
"datePublished": "2024-01-10T23:25:07.433Z",
"dateReserved": "2024-01-04T00:17:52.223Z",
"dateUpdated": "2025-06-17T20:05:42.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}