How to fix CVE-2025-62501?

Within 24 hours: Inventory all Archer AX53 devices in production and isolate them on segmented networks where possible. Within 7 days: Implement network segmentation to restrict direct internet access to affected devices, enable WPA3 encryption if available, and enforce strong administrative credentials (minimum 16 characters). Within 30 days: Evaluate replacement with patched router models or alternative vendors, contact TP-Link for patch ETA, and conduct network access reviews for unauthorized credential usage.

Is Archer Ax53 Firmware affected by CVE-2025-62501?

TP-Link Archer AX53 routers are vulnerable to credential theft through man-in-the-middle attacks, potentially compromising network access and sensitive data for any organization using this device.

CVE-2025-62501

HIGH

2026-02-03 f23511db-6c3e-4e32-a477-6aa17d310630

8.1

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

CVE Published

Feb 03, 2026 - 19:16 nvd

HIGH 8.1

Description

SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) attack. This could enable unauthorized access if captured credentials are reused.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120.

Analysis

Archer Ax53 Firmware versions up to 1.0 contains a vulnerability that allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) a (CVSS 8.1).

Technical Context

affects Archer Ax53 Firmware. SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) attack. This could enable unauthorized access if captured credentials are reused.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120.

Affected Products

Vendor: Tp-Link. Product: Archer Ax53 Firmware. Versions: up to 1.0.

Remediation

Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +40

POC: 0

CVE-2025-62501 vulnerability details – vuln.today

Back

CVE-2025-62501

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-62501

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code