Changeflow GovPing Data Privacy & Cybersecurity Critical Vulnerability in TP-Link Archer Products
Urgent Notice Amended Final

Critical Vulnerability in TP-Link Archer Products

Favicon for www.csa.gov.sg CSA Alerts & Advisories (Singapore)
Published
Detected
Email

Summary

The Cyber Security Agency of Singapore has issued a critical alert regarding multiple vulnerabilities in TP-Link Archer products (NX200, NX210, NX500, NX600). Users are strongly advised to update affected product firmware immediately to mitigate risks of unauthorized access and command execution.

Published by CSA on csa.gov.sg . Detected, standardized, and enriched by GovPing. Review our methodology and editorial standards .
View original document View source feed page

What changed

The Cyber Security Agency of Singapore (CSA) has issued a critical alert concerning multiple vulnerabilities affecting TP-Link Archer NX200, NX210, NX500, and NX600 products. These vulnerabilities, identified by CVE numbers CVE-2025-15517 through CVE-2025-15605, include authentication bypass and input validation flaws. Successful exploitation could allow unauthenticated attackers to perform privileged administrative actions, upload unauthorized firmware, or execute arbitrary commands on the device's operating system, compromising confidentiality, integrity, and availability.

Users and administrators of affected TP-Link Archer product versions are strongly advised to update their firmware to the latest available versions immediately. Failure to do so could expose their networks to significant security risks, including unauthorized access and data compromise. The advisory provides specific version numbers for affected hardware and firmware, directing users to TP-Link's support resources for patching instructions.

What to do next

  1. Update firmware on affected TP-Link Archer products to the latest versions immediately.
  2. Verify that the updated firmware versions address the identified vulnerabilities (CVE-2025-15517, CVE-2025-15518, CVE-2025-15519, CVE-2025-15605).

Archived snapshot

Mar 26, 2026

GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.

Alerts

Critical Vulnerability in TP-Link Archer Products

26 March 2026

TP-Link has released a security advisory addressing multiple vulnerabilities on TP-Link Archer products. Users and administrators of affected products are advised to update to the latest versions immediately.

Background

TP-Link has released a security advisory addressing multiple vulnerabilities (CVE-2025-15517, CVE-2025-15518, CVE-2025-15519 and CVE-2025-15605) on TP-Link Archer NX200, NX210, NX500 and NX600 products. The vulnerabilities include authentication bypass and input validation flaws that could allow attackers to gain unauthorised access or execute malicious commands.

Impact

Successful exploitation of these vulnerabilities could allow:

  • CVE-2025-15517: An unauthenticated attacker to perform privileged administrative actions via exposed Hypertext Transfer Protocol (HTTP) endpoints, which may result in unauthorised firmware uploads and configuration changes.

  • CVE-2025-15518 & CVE-2025-15519: An authenticated attacker with administrative privileges to execute arbitrary commands on the operating system, impacting the confidentiality, integrity, and availability of the device.

  • CVE-2025-15605: An unauthenticated attacker to decrypt, modify and re-encrypt configuration files, compromising the confidentiality and integrity of device configuration data.
    Affected Products

The following products hardware/firmware versions are affected by the vulnerabilities.

  • Versions prior to TP-Link Archer NX600

    • v3.0: < 1.3.0 Build 260309
    • v2.0: < 1.3.0 Build 260311
    • v1.0: < 1.4.0 Build 260311

  • Versions prior to TP-Link Archer NX500

    • v2.0: < 1.5.0 Build 260309
    • v1.0: < 1.3.0 Build 260311

  • Versions prior to TP-Link Archer NX210

    • v3.0: < 1.3.0 Build 260309
    • v2.0 & v2.20: < 1.3.0 Build 260311

  • Versions prior to TP-Link Archer NX200

    • v3.0: < 1.3.0 Build 260309
    • v2.20: < 1.3.0 Build 260311
    • v2.0: < 1.3.0 Build 260311
    • v1.0: < 1.8.0 Build 260311 Recommendations

Users and administrators of affected product versions are advised to update to the latest versions immediately.

References

https://www.bleepingcomputer.com/news/security/tp-link-warns-users-to-patch-critical-router-auth-bypass-flaw/

https://www.tp-link.com/us/support/faq/5027/

https://nvd.nist.gov/vuln/detail/CVE-2025-15517

https://nvd.nist.gov/vuln/detail/CVE-2025-15518

https://nvd.nist.gov/vuln/detail/CVE-2025-15519

https://nvd.nist.gov/vuln/detail/CVE-2025-15605

Back to top

Related changes

Favicon for www.csa.gov.sg Critical Vulnerabilities in Cisco Products
Urgent Apr 06, 2026 CSA Alerts & Advisories (Singapore) Data Privacy & Cybersecurity
Favicon for www.csa.gov.sg FortiClient EMS Critical Vulnerability Active Exploitation Hotfix Urged
Urgent Apr 06, 2026 CSA Alerts & Advisories (Singapore) Data Privacy & Cybersecurity
Favicon for www.csa.gov.sg F5 BIG-IP Critical Vulnerability Actively Exploited
Urgent Apr 06, 2026 CSA Alerts & Advisories (Singapore) Data Privacy & Cybersecurity

Get daily alerts for CSA Alerts & Advisories (Singapore)

Daily digest delivered to your inbox.

Free. Unsubscribe anytime.

Source

Favicon for www.csa.gov.sg
CSA Alerts & Advisories (Singapore) csa.gov.sg/alerts-advisories
Data Privacy & Cybersecurity

About this page

What is GovPing?

Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission

What's from the agency?

Source document text, dates, docket IDs, and authority are extracted directly from CSA.

What's AI-generated?

The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.

Last updated

Press inquiries →

Classification

Agency
CSA
Published
March 26th, 2026
Instrument
Notice
Legal weight
Non-binding
Stage
Final
Change scope
Substantive
Document ID
AL-2026-028

Who this affects

Applies to
Consumers Employers
Industry sector
4231 Wholesale Trade
Activity scope
Network Device Security Firmware Updates
Geographic scope
Singapore SG

Taxonomy

Primary area
Cybersecurity
Operational domain
IT Security
Compliance frameworks
NIST CSF
Topics
Product Security Network Security

Browse Categories

Agriculture & Food Safety 73 Banking & Finance 405 Consumer Protection 88 Courts & Legal 411 Data Privacy & Cybersecurity 84 Defense & National Security 53 Education 55 Energy 100 Environment 151 Gaming 2 Government & Legislation 431 Healthcare 15 Healthcare & Life Sciences 375 Immigration 10 Insurance 75 Labor & Employment 132 Pharma & Drug Safety 21 Professional Licensing 7 Real Estate & Housing 77 Securities & Markets 153 Tax 78 Telecom & Technology 50 Trade & Sanctions 141 Transportation 91

Get alerts for this source

We'll email you when CSA Alerts & Advisories (Singapore) publishes new changes.

Free. Unsubscribe anytime.

You're subscribed!