CVE-2025-15568 PUBLISHED

Command Injection Vulnerability on TP-Link Archer AXE75

Assigner: TPLink
Reserved: 06.02.2026 Published: 09.03.2026 Updated: 10.03.2026

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution (RCE) when the router is configured with sysmode=ap. Successful exploitation results in root-level privileges and impacts confidentiality, integrity and availability of the device.

This issue affects Archer AXE75 v1.6/v1.0: through 1.3.2 Build 20250107.

Metrics

CVSS 4.0

CVSS Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
CVSS Score: 8.5

Exploitability Metrics		Vulnerable System Impact Metrics		Subsequent System Impact Metrics
Attack Vector	Adjacent	Confidentiality	High	Confidentiality	Low
Attack Complexity	Low	Integrity	High	Integrity	Low
Attack Requirements	None	Availability	High	Availability	Low
Privileges Required	High
User Interaction	None

CVSS 4.0

Product Status

Vendor	TP-Link Systems Inc.
Product	Archer AXE75 v1.6/v1.0
Versions	Default: unaffected affected from 0 to 1.3.2 Build 20250107 (incl.)

References

Problem Types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE

Impacts

CAPEC-88 OS Command Injection