PT-2026-27165 · Tp Link · Archer Nx200+3

Saifeldeen Aziz

Publicado

2026-03-23

Atualizado

2026-03-28

CVE-2025-15605

CVSS v4.0

8.5

Alta

Vetor

AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions TP-Link Archer NX200 TP-Link Archer NX210 TP-Link Archer NX500 TP-Link Archer NX600

Description A cryptographic key that is hardcoded into the configuration mechanism allows decryption and re-encryption of device configuration data. An authenticated attacker can decrypt configuration files, modify them, and re-encrypt them, which impacts the confidentiality and integrity of the device configuration data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798CWE-321

Identificadores relacionados

CVE-2025-15605

Produtos afetados

Archer Nx200

Archer Nx210

Archer Nx500

Archer Nx600

PT-2026-27165 · Tp Link · Archer Nx200+3

CVE-2025-15605

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7