How to fix CVE-2025-58077?

Within 24 hours: Identify and inventory all Archer AX53 v1.0-1.3.1 devices in production and document their network criticality. Within 7 days: Implement network segmentation to restrict administrative access to these devices and disable unnecessary services where possible. Within 30 days: Establish a vendor contact escalation to obtain patched firmware or develop a device replacement strategy; consider alternative router deployments for critical network segments.

Is Heap Overflow affected by CVE-2025-58077?

A critical heap-based buffer overflow vulnerability in TP-Link Archer AX53 routers (versions 1.0-1.3.1) allows authenticated attackers on the same network to crash devices or potentially execute malicious code.

CVE-2025-58077

HIGH

2026-02-03 f23511db-6c3e-4e32-a477-6aa17d310630

8.0

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

CVE Published

Feb 03, 2026 - 19:16 nvd

HIGH 8.0

Description

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted set of network packets containing an excessive number of host entries This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120.

Analysis

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code

via a specially crafted set of network packets containing an excessive number of host entries

This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120. [CVSS 8.0 HIGH]

Technical Context

Classified as CWE-122 (Heap-based Buffer Overflow). Affects Archer Ax53 Firmware. Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code

via a specially crafted set of network packets containing an excessive number of host entries

This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120.

Affected Products

Vendor: Tp-Link. Product: Archer Ax53 Firmware. Versions: up to 1.0.

Remediation

Monitor vendor advisories for a patch. Enable ASLR, DEP/NX, and stack canaries where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +40

POC: 0

CVE-2025-58077 vulnerability details – vuln.today

Back

CVE-2025-58077

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-58077

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code