CVE-2026-0620

Name of the Vulnerable Software and Affected Versions TP-Link Archer AXE75 V1 (affected versions not specified)

Description The software on the TP-Link Archer AXE75 V1 Wi-Fi router has a flaw in its data protection mechanism when configured as a L2TP/IPSec VPN server. This can allow VPN connections using L2TP without IPSec protection, even when IPSec is enabled. This results in unencrypted VPN sessions, potentially exposing data transmitted and compromising confidentiality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.