← Voltar para CVEs
CVE-2025-15605
N/ADescricao
A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the confidentiality and integrity of device configuration data.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado3/23/2026
Ultima modificacao3/24/2026
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-321
Referencias
https://www.tp-link.com/en/support/download/archer-nx200/#Firmware(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.tp-link.com/en/support/download/archer-nx210/#Firmware(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.tp-link.com/en/support/download/archer-nx500/#Firmware(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.tp-link.com/en/support/download/archer-nx600/#Firmware(f23511db-6c3e-4e32-a477-6aa17d310630)
https://www.tp-link.com/us/support/faq/5027/(f23511db-6c3e-4e32-a477-6aa17d310630)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.