Multiple vulnerabilities in specific TP-Link Archer router models, including remote code execution and privilege escalation, can be exploited by a remote attacker. Affected versions include Archer AX53 v1 below V1_251029, Archer NX200 v1.0 below 1.8.0 Build 260311, and numerous other listed NX-series models below their specified build numbers. The solution is to apply the fixes provided by the vendor via the linked support pages, as specific patched version numbers are not stated in the bulletin.
Multiple vulnerabilities were identified in TP-Link Router. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, elevation of privilege, sensitive information disclosure and data manipulation on the targeted system. Impact Data Manipulation Information Disclosure Elevation of Privilege Denial of Service Remote Code Execution System / Technologies affected Archer AX53 v1 versions below V1_251029 Archer NX200 v1.0 versions below 1.8.0 Build 260311 Archer NX200 v2.0 versions below 1.3.0 Build 260311 Archer NX200 v2.20 versions below 1.3.0 Build 260311 Archer NX200 v3.0 versions below 1.3.0 Build 260309 Archer NX210 v2.0 versions below 1.3.0 Build 260311 Archer NX210 v2.20 versions below 1.3.0 Build 260311 Archer NX210 v3.0 versions below 1.3.0 Build 260309 Archer NX500 v1.0 versions below 1.3.0 Build 260311 Archer NX500 v2.0 versions below 1.5.0 Build 260309 Archer NX600 v1.0 versions below 1.4.0 Build 260311 Archer NX600 v2.0 versions below 1.3.0 Build 260311 Archer NX600 v3.0 versions below 1.3.0 Build 260309 Solutions Before installation of the software, please visit the vendor web-site for more details. Apply fixes issued by the vendor: https://www.tp-link.com/us/support/faq/5025/ https://www.tp-link.com/us/support/faq/5027/