CVE-2025-15518 – TP-Link Multiple High Severity Vulnerabilities
“When core network devices weaken, everything behind them is exposed.”
This patch addresses five high severity vulnerabilities in TP-Link devices: CVE-2025-15517, CVE-2025-15518, CVE-2025-15519, CVE-2025-15605, and CVE-2025-62673. These issues impact network-facing components and could allow attackers to gain unauthorized access, alter configurations, or disrupt network operations. CVE-2025-15517 has a CVSS score of 8.6, which is High severity. CVE-2025-15518 has a CVSS score of 8.5, which is High severity. CVE-2025-15519 has a CVSS score of 8.5, which is High severity. CVE-2025-15605 has a CVSS score of 8.5, which is High severity. CVE-2025-62673 has a CVSS score of 8.6, which is High severity.
There is no verified evidence of active exploitation or publicly available proof-of-concept code for these vulnerabilities. However, given that TP-Link devices often sit at the edge of networks, these weaknesses present a serious risk if exploited, especially in environments with exposed management interfaces.
Key Details
- Affected Product
- Tp-link Archer Nx600 Firmware
- Attack Vector
- Network
- Attack Complexity
- Low
- Privileges Required
- High
- User Interaction
- None
- CWE Classification
- CWE-78