{"id":227649,"date":"2026-03-25T11:24:00","date_gmt":"2026-03-25T15:24:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/25\/tp-link-archer-nx-routers-vulnerable-to-firmware-takeover\/"},"modified":"2026-03-25T23:10:13","modified_gmt":"2026-03-26T03:10:13","slug":"tp-link-archer-nx-routers-vulnerable-to-firmware-takeover","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/25\/tp-link-archer-nx-routers-vulnerable-to-firmware-takeover\/","title":{"rendered":"TP-Link Archer NX routers vulnerable to firmware takeover"},"content":{"rendered":"

TP-Link Archer NX routers vulnerable to firmware takeover<\/a><\/p>\n

https:\/\/securityaffairs.com\/189980\/iot\/patch-now-tp-link-archer-nx-routers-vulnerable-to-firmware-takeover.html<\/a><\/p>\n

Publish Date: 2026-03-25 11:24:00<\/a><\/p>\n

Source Domain: securityaffairs.com<\/a><\/p>\n

Patch now: TP-Link Archer NX routers vulnerable to firmware takeover<\/h2>\n<\/p>\n

\t\t\t\t\t\t\t Pierluigi Paganini<\/span>
\n\t\t\t\t\t\t\t\"\"\/ March 25, 2026<\/span><\/p>\n

\t\t\t\t\t\t\"\"\/<\/p>\n

TP-Link patched a high severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware.<\/h2>\n

TP-Link issued security updates for its Archer NX router series to fix multiple vulnerabilities, including CVE-2025-15517 (CVSS score of 8.6), a critical authentication bypass flaw. The vulnerability impacts multiple models, including NX200, NX210, NX500, and NX600. The flaw allows attackers to upload new firmware without privileges, creating a high risk of compromise if unpatched.<\/p>\n

\u201cA missing authentication check in the HTTP server to certain cgi endpoints allows unauthenticated access intended for authenticated users.\u201d reads the advisory<\/strong>. \u201cAn attacker may perform privileged HTTP actions without authentication, including firmware upload and configuration operations.\u201d<\/p>\n

TP-Link also removed a hardcoded cryptographic key in Configuration Encryption Mechanism, tracked as CVE-2025-15605 (CVSS score of 8.5). The vulnerability allowed authenticated attackers to decrypt configuration files, modify them, and re-encrypt them.<\/p>\n

\u201cA hardcoded cryptographic key within its configuration mechanism enables decryption and re-encryption of device configuration data.\u201d reads the advisory<\/strong>. \u201cAn authenticated attacker may decrypt configuration files, modify them and re-encrypt them, affecting confidentiality and integrity of device configuration data.\u201d<\/p>\n

Below is the list of impacted products\/versions and related fixes:<\/p>\n\n\n\n\n\n\n
Affected Product<\/strong><\/td>\nAffected Hardware Versions \/ Firmware Versions<\/strong><\/td>\n<\/tr>\n
Archer NX600<\/strong><\/td>\n\u2022 v3.0: \u2022 v2.0: \u2022 v1.0: <\/strong><\/td>\n<\/tr>\n
Archer NX500<\/strong><\/td>\n\u2022 v2.0: \u2022 v1.0: <\/strong><\/td>\n<\/tr>\n
Archer NX210<\/strong><\/td>\n\u2022 v3.0: \u2022 v2.0 & v2.20: <\/strong><\/td>\n<\/tr>\n
Archer NX200<\/strong><\/td>\n\u2022 v3.0: \u2022 v2.20: \u2022 v2.0: \u2022 v1.0: <\/strong><\/td>\n<\/tr>\n<\/table>\n

The vendor urges customers to download and install the latest firmware version to address…<\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

TP-Link Archer NX routers vulnerable to firmware takeover https:\/\/securityaffairs.com\/189980\/iot\/patch-now-tp-link-archer-nx-routers-vulnerable-to-firmware-takeover.html Publish Date: 2026-03-25 11:24:00 Source Domain:…<\/p>\n","protected":false},"author":1,"featured_media":227650,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/securityaffairs.com\/wp-content\/uploads\/2025\/10\/TP-Link.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[27],"class_list":["post-227649","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227649"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=227649"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227649\/revisions"}],"predecessor-version":[{"id":227651,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227649\/revisions\/227651"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/227650"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=227649"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=227649"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=227649"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}