PT-2026-6013 · Tp Link · Archer Axe75 V1

Henry Martinez

Published

2026-02-03

Updated

2026-02-03

CVE-2026-0620

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions TP-Link Archer AXE75 V1 (affected versions not specified)

Description The software on the TP-Link Archer AXE75 V1 Wi-Fi router has a flaw in its data protection mechanism when configured as a L2TP/IPSec VPN server. This can allow VPN connections using L2TP without IPSec protection, even when IPSec is enabled. This results in unencrypted VPN sessions, potentially exposing data transmitted and compromising confidentiality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Protection Mechanism Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-693

Related Identifiers

BDU:2026-02130

CVE-2026-0620

Affected Products

Archer Axe75 V1

PT-2026-6013 · Tp Link · Archer Axe75 V1

CVE-2026-0620

Weakness Enumeration

Related Identifiers

Affected Products

References · 5