CVE-2025-15035
HIGHCVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
2Description
Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤ build 20250107.
Analysis
Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤ build 20250107. [CVSS 7.3 HIGH]
Technical Context
Classified as CWE-20 (Improper Input Validation). Affects Archer Axe75 Firmware. Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤ build 20250107.
Affected Products
Vendor: Tp-Link. Product: Archer Axe75 Firmware.
Remediation
Monitor vendor advisories for a patch.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today