Ddos 
TP-Link has issued an urgent security advisory for users of its high-performance Archer AXE75 routers. A newly discovered command injection flaw, tracked as CVE-2025-15568, could allow attackers to seize complete control of the device with root-level privileges.
The flaw is located within the router’s web management module. According to the advisory, the vulnerability is particularly potent when the device is operating in a specific configuration.
As the TP-Link advisory explains: “An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap”.
With a CVSS score of 8.5, the impact of this vulnerability is severe. A successful exploit doesn’t just grant access; it “impacts confidentiality, integrity and availability of the device” by providing the attacker with total administrative oversight.
The security gap affects a specific hardware version of the Archer AXE75 running older firmware.
| Affected Product Model | Affected Version |
| AXE75 v1.6/v1.0 | < = 1.3.2 Build 20250107 |
TP-Link “strongly recommend[s] that users with affected devices” take immediate action to secure their home networks. Users should download and install the latest firmware version provided by TP-Link to patch the injection hole.
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
