TP-Link Patches High-Severity Router Vulnerabilities

TP-Link has released patches for four high-severity vulnerabilities in Archer NX router models that could be exploited to fully compromise devices. The bugs, tracked as CVE-2025-15517, CVE-2025-15518, CVE-2025-15519, and CVE-2025-15605, were resolved in fresh firmware releases for the Archer NX200, NX210, NX500, and NX600 router models. The first of the flaws, CVE-2025-15517, allows attackers to bypass authentication and perform actions such as firmware uploads or configuration operations, TP-Link notes in its advisory. CVE-2026-15518 and CVE-2026-15519 are command injection bugs that require administrative privileges for successful exploitation, while CVE-2025-15605 exists because a hardcoded cryptographic key is used for configuration file encryption and decryption, allowing attackers to tamper with these files. The fixes were rolled out one day before Cisco’s Talos researchers published details on 10 vulnerabilities affecting TP-Link’s Archer AX53 routers, including nine memory safety flaws and one misconfiguration issue that could lead to credentials leak. Successful exploitation of these security defects could allow attackers to execute arbitrary code remotely on vulnerable devices or to leak credentials via a man‑in‑the‑middle (MITM) attack. Talos reported the vulnerabilities to TP-Link in October, and the vendor rolled out fixes for its Archer AX53 v1.0 routers in early February. Now, Talos has published technical details on all 10 bugs, as well as on 19 flaws in the Canva Affinity pixel and vector art manipulation tool, and one issue in Hikvision’s face recognition terminals. Of the Affinity security defects, 18 could be exploited to leak sensitive information and one to execute arbitrary code using specially crafted EMF files. The Hikvision vulnerability could be exploited remotely via specially crafted network packets to achieve arbitrary code execution. Related: BIND Updates Patch High-Severity Vulnerabilities Related: Cisco Patches Multiple Vulnerabilities in IOS Software Related: iOS, macOS 26.4 Roll Out With Fresh Security Patches Related: TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking WRITTEN BY Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire Onit Security Raises $11 Million for Exposure Management Platform iOS, macOS 26.4 Roll Out With Fresh Security Patches FCC Bans New Routers Made Outside the US Over National Security Risks From Trivy to Broad OSS Compromise: TeamPCP Hits Docker Hub, VS Code, PyPI Extortion Group Claims It Hacked AstraZeneca Chrome 146 Update Patches High-Severity Vulnerabilities 3.1 Million Impacted by QualDerm Data Breach Critical Citrix NetScaler Vulnerability Poised for Exploitation, Security Firms Warn Latest News RSAC 2026 Conference Announcements Summary (Days 3-4) Coruna iOS Exploit Kit Likely an Update to Operation Triangulation CISA Flags Critical PTC Vulnerability That Had German Police Mobilized Hightower Holding Data Breach Impacts 130,000 BIND Updates Patch High-Severity Vulnerabilities Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure Cisco Patches Multiple Vulnerabilities in IOS Software Alleged RedLine Malware Administrator Extradited to US Trending Webinar: Securing Fragile OT In An Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Webinar: Why Automated Pentesting Alone Is Not Enough April 7, 2026 Join our live diagnostic session to expose hidden coverage gaps and shift from flawed tool-level evaluations to a comprehensive, program-level validation discipline. Register People on the Move Moderna has promoted Farzan Karimi to Deputy Chief Information Security Officer. Brian Goldfarb has been appointed Chief Marketing Officer at SentinelOne. Token has appointed Katy Nelson as Chief Revenue Officer. More People On The Move Expert Insights Why Agentic AI Systems Need Better Governance – Lessons From OpenClaw Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access, (Etay Maor) The Human IOC: Why Security Professionals Struggle With Social Vetting Applying SOC-level rigor to the rumors, politics, and 'human intel' can make or break a security team. (Joshua Goldfarb) How To 10x Your Vulnerability Management Program In The Agentic Era The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. (Nadir Izrael) SIM Swaps Expose A Critical Flaw In Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat As Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) Flipboard Reddit Whatsapp Email