TP-Link Archer Vulnerability Let Attackers Take Control Over the Router

A security advisory reports CVE-2025-14756, a high-severity (CVSS v4.0 score 8.5) authenticated command injection flaw in TP-Link Archer MR600 v5 firmware (versions prior to v0001.0 Build 250930 Rel.63611n). Attackers with credentials can inject limited-length system commands via the admin interface, risking full device compromise; TP-Link advises immediate firmware updates and network segmentation as mitigations.