52
CVEs
0
Critical
43
High
0
KEV
0
PoC
18
Unpatched C/H
51.9%
Patch Rate
0.1%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
43
MEDIUM
8
LOW
0
Monthly CVE Trend
Affected Products (30)
Command Injection
22
Ex1200t Firmware
19
X15 Firmware
16
Heap Overflow
12
Archer Be230 Firmware
11
Archer Ax53 Firmware
11
T10 Firmware
7
A3002r Firmware
6
Stack Overflow
5
Memory Corruption
4
A3002ru Firmware
4
Archer C20 Firmware
3
Archer Ax3000 Firmware
3
IoT
3
Archer Ax5400 Firmware
3
Tl Wr841Nd Firmware
3
Archer Axe75 Firmware
3
A702r Firmware
3
N302r Plus Firmware
2
Null Pointer Dereference
2
Deco Be25 Firmware
2
Tapo C260 Firmware
2
Deco Xe200 Firmware
2
Deco X50 Firmware
2
Tl Wr841Nd V11 Firmware
2
Tl Wr940n Firmware
2
Archer Be400 Firmware
1
Tl Sg108E Firmware
1
T6 Firmware
1
Kp303 Firmware
1
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-14756 | Command injection vulnerability was found in the admin interface component of TP-Link Archer MR600 v5 firmware, allowing authenticated attackers to execute system commands with a limited character length via crafted input in the browser developer console, possibly leading to service disruption or full compromise. [CVSS 8.8 HIGH] | HIGH | 8.8 | 0.3% | 44 |
No patch
|
| CVE-2026-0652 | Authenticated attackers can execute arbitrary commands on TP-Link Tapo C260 v1 cameras through command injection in POST parameters during configuration synchronization, potentially achieving complete device compromise. The vulnerability stems from insufficient input validation and affects confidentiality, integrity, and availability with no patch currently available. | HIGH | 8.8 | 0.2% | 44 |
No patch
|
| CVE-2026-1457 | Remote code execution in TP-Link VIGI C385 cameras results from improper input validation in the Web API that allows authenticated attackers to trigger buffer overflows and corrupt memory. An attacker with valid credentials can exploit this vulnerability to execute arbitrary code with elevated privileges on affected devices. No patch is currently available for this high-severity issue. | HIGH | 8.8 | 0.1% | 44 |
No patch
|
| CVE-2025-15557 | An Improper Certificate Validation vulnerability in TP-Link Tapo H100 v1 and Tapo P100 v1 allows an on-path attacker on the same network segment to intercept and modify encrypted device-cloud communications. [CVSS 8.8 HIGH] | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2026-0834 | Unauthenticated adjacent network attackers can exploit a logic vulnerability in the TDDP module of TP-Link Archer C20 v6.0 and Archer AX53 v1.0 to execute administrative commands such as factory reset and device reboot without credentials. This allows attackers to cause loss of device configuration and service disruption on vulnerable routers. No patch is currently available for this high-severity vulnerability affecting both router models. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2026-34121 | TP-Link Tapo C520WS v2.6 contains an authentication bypass in its HTTP-based DS configuration service that allows unauthenticated attackers to execute privileged device configuration actions by appending authentication-exempt parameters to requests. The vulnerability stems from inconsistent JSON request parsing and authorization logic, enabling unauthorized modification of device state without requiring valid credentials. No public exploit code has been identified at time of analysis, and a vendor-released patch is available. | HIGH | 8.7 | 0.1% | 44 |
|
| CVE-2025-15517 | A missing authentication check in the HTTP server of TP-Link Archer NX-series routers (NX200, NX210, NX500, NX600) allows unauthenticated attackers to access privileged CGI endpoints intended for authenticated administrators. An attacker can perform critical operations including firmware upload and configuration changes without providing valid credentials, effectively gaining administrative control over the device. A vendor patch is available, and this vulnerability represents a direct authentication bypass with severe real-world exploitation potential. | HIGH | 8.6 | 0.0% | 43 |
|
| CVE-2026-3841 | A command injection vulnerability has been identified in the Telnet command-line interface (CLI) of TP-Link TL-MR6400 v5.3. This issue is caused by insufficient sanitization of data processed during specific CLI operations. | HIGH | 8.5 | 0.5% | 43 |
No patch
|
| CVE-2026-3227 | Authenticated attackers can achieve root-level command execution on TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 routers by uploading a malicious configuration file through the import function, exploiting improper input validation in the port-trigger processing logic. Successful exploitation grants complete control over the affected device, allowing full compromise of the router and any connected network. A patch is available for this high-severity vulnerability. | HIGH | 8.5 | 0.4% | 43 |
|
| CVE-2025-15518 | A command injection vulnerability exists in the wireless-control administrative CLI command of TP-Link Archer NX series routers (models NX200, NX210, NX500, and NX600) due to improper input handling that allows crafted input to be executed as part of operating system commands. An authenticated attacker with administrative privileges can exploit this vulnerability to execute arbitrary commands on the device, compromising confidentiality, integrity, and availability. Patches are available from the vendor for all affected models and versions. | HIGH | 8.5 | 0.0% | 43 |
|
| CVE-2025-15519 | A command injection vulnerability exists in the modem-management administrative CLI of TP-Link Archer NX-series routers (NX200, NX210, NX500, NX600) due to improper input handling in CLI commands. An authenticated attacker with administrative privileges can inject crafted input into vulnerable CLI parameters to execute arbitrary operating system commands, compromising the confidentiality, integrity, and availability of the device. A patch is available from TP-Link, and no public exploit or active exploitation has been confirmed at this time. | HIGH | 8.5 | 0.0% | 43 |
|
| CVE-2025-15605 | A hardcoded cryptographic key in the configuration mechanism of TP-Link Archer NX series routers (NX200, NX210, NX500, NX600) allows authenticated attackers to decrypt, modify, and re-encrypt device configuration files, compromising both confidentiality and integrity of router settings. This vulnerability affects multiple hardware versions across all four product lines, with patches now available from the vendor. While no public exploit code or active KEV status has been reported, the authenticated attack requirement and widespread deployment of these consumer routers present moderate real-world risk. | HIGH | 8.5 | 0.0% | 43 |
|
| CVE-2026-30815 | OS command injection in TP-Link Archer AX53 v1.0 OpenVPN module allows authenticated adjacent attackers to execute arbitrary system commands through maliciously crafted configuration files. Exploitation requires high-privilege adjacency access but enables complete device compromise including configuration modification, credential disclosure, and persistent backdoor installation. Affects AX53 v1.0 firmware prior to 1.7.1 Build 20260213. No public exploit identified at time of analysis. | HIGH | 8.5 | 0.3% | 42 |
|
| CVE-2026-30818 | OS command injection in TP-Link Archer AX53 v1.0 dnsmasq module allows authenticated adjacent attackers to execute arbitrary code through maliciously crafted configuration files. Successful exploitation enables device configuration modification, sensitive data access, and complete system compromise. Affects TP-Link Archer AX53 v1.0 firmware versions prior to 1.7.1 Build 20260213. Requires high-privilege adjacent network access (CVSS:4.0 AV:A/PR:H). No public exploit identified at time of analysis. | HIGH | 8.5 | 0.4% | 42 |
|
| CVE-2025-62501 | Archer Ax53 Firmware versions up to 1.0 contains a vulnerability that allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) a (CVSS 8.1). | HIGH | 8.1 | 0.0% | 41 |
No patch
|