Tp-Link: >> Archer Axe75 >> 1.0 Security Vulnerabilities
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.
This issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107.
CVSS Score
8.5
EPSS Score
0.002
Published
2026-03-09
Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands.
CVSS Score
8.0
EPSS Score
0.001
Published
2024-01-11
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitrary OS commands. The affected device, with the initial configuration, allows login only from the LAN port or Wi-Fi.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-01-11