CVE-2025-15607

Sažetak

A command injection vulnerability on AX53 v1 occurs in mscd debug functionality due to insufficient input handling, allowing log redirection to arbitrary files and concatenation of unvalidated file content into shell commands, enabling authenticated attackers to inject and execute arbitrary commands. Successful exploitation may allow execution of malicious commands and ultimately full control of the device.

Reference

https://www.tp-link.com/en/support/download/archer-ax53/v1/#Firmware
https://www.tp-link.com/us/support/faq/5025/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

20-03-2026 - 17:16

Objavljeno

20-03-2026 - 17:16