Archer Axe75 Firmware
CVE-2025-15035
HIGH
Severity by source
AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤ build 20250107.
AnalysisAI
Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤ build 20250107. [CVSS 7.3 HIGH]
Technical ContextAI
Classified as CWE-20 (Improper Input Validation). Affects Archer Axe75 Firmware. Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤ build 20250107.
RemediationAI
Monitor vendor advisories for a patch.
More in Archer Axe75 Firmware
View allCommand injection in TP-Link Archer AXE75 router's web module allows authenticated adjacent-network attackers to execute
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker with access to the product to execute arbitr
Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port o
Same weakness CWE-20 – Improper Input Validation
View allShare
External POC / Exploit Code
Leaving vuln.today