CVE-2025-15518

Name of the Vulnerable Software and Affected Versions TP-Link Archer NX200 TP-Link Archer NX210 TP-Link Archer NX500 TP-Link Archer NX600

Description A flaw exists in the handling of input within an administrative command-line interface (CLI) used for wireless control. This allows a specially crafted input to be executed as part of an operating system command. An attacker who is already authenticated and possesses administrative privileges can execute arbitrary commands on the system, potentially compromising the confidentiality, integrity, and availability of the device. The vulnerable component is a wireless-control administrative CLI command. The input is manipulated to be executed as part of an operating system command. The vulnerable parameters or variables are not specified.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.