Multiple Vulnerabilities in TP-Link Devices Enable Arbitrary Command Execution

TP-Link published a critical advisory for Archer NX200/NX210/NX500/NX600 routers detailing four high-severity vulnerabilities (CVE-2025-15517, CVE-2026-15518, CVE-2026-15519, CVE-2025-15605) that enable authentication bypass, command injection, and decryption/alteration of configurations via a hardcoded key; users are advised to verify hardware versions and apply vendor firmware updates for the specified builds.