RCE in Tp-link Systems Inc. Archer Nx200 V1.0

CVE-2025-15518

Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrat…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.001 (24.9th percentile) — read the EPSS interpretation.

Affected products

Tp-link Systems Inc. Archer Nx200 V1.0 — versions 0
Tp-link Systems Inc. Archer Nx200 V2.0 — versions 0
Tp-link Systems Inc. Archer Nx200 V2.20 — versions 0
Tp-link Systems Inc. Archer Nx200 V3.0 — versions 0
Tp-link Systems Inc. Archer Nx210 V2.0 V2.20 — versions 0
Tp-link Systems Inc. Archer Nx210 V3.0 — versions 0
Tp-link Systems Inc. Archer Nx500 V1.0 — versions 0
Tp-link Systems Inc. Archer Nx500 V2.0 — versions 0
Tp-link Systems Inc. Archer Nx600 V1.0 — versions 0
Tp-link Systems Inc. Archer Nx600 V2.0 — versions 0

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

www.tp-link.com/en/support/download/archer-nx200/ (patch)
www.tp-link.com/en/support/download/archer-nx210/ (patch)
www.tp-link.com/en/support/download/archer-nx500/ (patch)
www.tp-link.com/en/support/download/archer-nx600/ (patch)
www.tp-link.com/us/support/faq/5027/ (vendor-advisory)