Vulnerability in Tp-link Systems Inc. Archer Ax53 V1.0

CVE-2025-62501

SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) attack. This could enable unauthorized access if…

EPSS: 0.000 (5.9th percentile) — read the EPSS interpretation.

Affected products

Tp-link Systems Inc. Archer Ax53 V1.0 — versions 0

Weakness classification (CWE)

CWE-322 — Key Exchange without Entity Authentication

References

talosintelligence.com/vulnerability_reports/
www.tp-link.com/en/support/download/archer-ax53/v1/ (patch)
www.tp-link.com/my/support/download/archer-ax53/v1/ (patch)
www.tp-link.com/us/support/faq/4943/ (vendor-advisory)