Archer Ax72 Sg V1 0
Monthly
Improper error handling in the TP-Link Archer AX72 (SG) v1.0 web management interface allows an authenticated administrative user to extract diagnostic command syntax by submitting invalid input to the network diagnostic feature. The disclosure is narrow - limited to command-line usage information for the underlying diagnostic utility - and does not expose credentials, configuration data, or sensitive system state. A vendor-released patch is available, no public exploit code has been identified, and the vulnerability carries no CISA KEV designation.
Improper error handling in the TP-Link Archer AX72 (SG) v1.0 web management interface allows an authenticated administrative user to extract diagnostic command syntax by submitting invalid input to the network diagnostic feature. The disclosure is narrow - limited to command-line usage information for the underlying diagnostic utility - and does not expose credentials, configuration data, or sensitive system state. A vendor-released patch is available, no public exploit code has been identified, and the vulnerability carries no CISA KEV designation.