Command injection in TP-Link products - CVE-2025-15519

 

Command injection in TP-Link products - CVE-2025-15519

Published: March 25, 2026


Vulnerability identifier: #VU124534
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-15519
CWE-ID: CWE-77
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: TP-Link
Affected software:
Archer NX600
Archer NX500
Archer NX210
Archer NX200

Detailed vulnerability description

The vulnerability allows a remote user to execute arbitrary commands on the operating system, impacting confidentiality, integrity and availability of the device.

The vulnerability exists due to improper input handling in the modem management CLI command when parsing user input. A remote user can provide crafted input to execute arbitrary commands on the operating system, impacting confidentiality, integrity and availability of the device.


How to mitigate CVE-2025-15519

Install security update from vendor's website.

Sources