CVE-2025-14756

Name of the Vulnerable Software and Affected Versions TP-Link Archer MR600 version v5

Description A command injection issue exists in the admin interface component. Authenticated attackers can execute system commands with a limited character length through crafted input in the browser developer console, potentially causing service disruption or full system compromise. The vulnerability is present when interacting with the admin interface. The vulnerable component allows execution of commands via the browser console.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.