TP-Link released firmware updates for Archer NX200, NX210, NX500, and NX600 routers to fix multiple vulnerabilities, including a critical authentication bypass that can allow attackers to upload new firmware. The updates also remove a hardcoded cryptographic key, patch command injection bugs, and follow prior exploited TP‑Link flaws linked to the Quad7 botnet and regulatory/legal scrutiny. #TPLink #Quad7
Keypoints
- TP-Link patched several vulnerabilities affecting Archer NX200, NX210, NX500, and NX600 routers.
- CVE-2025-15517 is a critical missing authentication flaw that can enable unauthenticated firmware uploads.
- CVE-2025-15605 removed a hardcoded cryptographic key that could let attackers decrypt and modify configuration files.
- CVE-2025-15518 and CVE-2025-15519 are command injection vulnerabilities that allow admins to execute arbitrary commands.
- TP-Link strongly urged customers to install the latest firmware amid past exploited flaws and ongoing threats tied to Quad7 and legal action by the Texas Attorney General.