← Back

CVE-2025-15035

nvd nist
Published: Jan 9, 2026Modified: Mar 9, 2026

JSON object

Loading...
6.9
Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Show more
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less
Source: f23511db-6c3e-4e32-a477-6aa17d310630 (Secondary)

Description

Improper Input Validation vulnerability in TP-Link Archer AXE75 v1.6 (vpn modules) allows an authenticated adjacent attacker to delete arbitrary server file, leading to possible loss of critical system files and service interruption or degraded functionality.This issue affects Archer AXE75 v1.6: ≤ build 20250107.

Affected (1)

Tp Link
1 product
Archer Axe75 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Archer Axe75 Firmware
Up to 1.3.2
Running on/withPlatform Versions
Tp Link
Archer Axe75
Version 1.6

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (5)

Source: f23511db-6c3e-4e32-a477-6aa17d310630
Third Party Advisory
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Product
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Product
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Vendor Advisory
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Product

Timeline

No history available yet.