Patch now: TP-Link Archer NX routers vulnerable to firmware takeover
TP-Link has fixed two high-severity vulnerabilities in Archer NX routers: CVE-2025-15517 allows attackers to bypass authentication and upload malicious firmware; CVE-2025-15605 involves a hardcoded key that lets configuration files be decrypted and tampered with. Users should update their firmware as soon as possible to address these risks.

2026-3-25 14:44:41 Author: securityaffairs.com

TP-Link patched a high-severity flaw (CVE-2025-15517) in Archer NX routers that could let attackers bypass authentication and install malicious firmware.

TP-Link issued security updates for its Archer NX router series to fix multiple vulnerabilities, including CVE-2025-15517 (CVSS score of 8.6), a critical authentication bypass flaw. The vulnerability impacts multiple models, including NX200, NX210, NX500, and NX600. The flaw allows attackers to upload new firmware without privileges, creating a high risk of compromise if unpatched.

“A missing authentication check in the HTTP server to certain cgi endpoints allows unauthenticated access intended for authenticated users,” reads the advisory. “An attacker may perform privileged HTTP actions without authentication, including firmware upload and configuration operations.”

TP-Link also removed a hardcoded cryptographic key in the configuration encryption mechanism, tracked as CVE-2025-15605 (CVSS score of 8.5). The vulnerability allowed authenticated attackers to decrypt configuration files, modify them, and re-encrypt them.

“A hardcoded cryptographic key within its configuration mechanism enables decryption and re-encryption of device configuration data,” reads the advisory. “An authenticated attacker may decrypt configuration files, modify them and re-encrypt them, affecting confidentiality and integrity of device configuration data.”

Below is the list of impacted products/versions and related fixes:

Affected Product: Affected Hardware Versions / Firmware Versions

Archer NX600
  • v3.0: < 1.3.0 Build 260309
  • v2.0: < 1.3.0 Build 260311
  • v1.0: < 1.4.0 Build 260311

Archer NX500
  • v2.0: < 1.5.0 Build 260309
  • v1.0: < 1.3.0 Build 260311

Archer NX210
  • v3.0: < 1.3.0 Build 260309
  • v2.0 & v2.20: < 1.3.0 Build 260311

Archer NX200
  • v3.0: < 1.3.0 Build 260309
  • v2.20: < 1.3.0 Build 260311
  • v2.0: < 1.3.0 Build 260311
  • v1.0: < 1.8.0 Build 260311

The vendor urges customers to download and install the latest firmware version to address these issues.
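To triage a fleet against the table above, the following added example (not part of the original article or TP-Link's advisory) classifies inventory rows by model, hardware version and firmware string. The CSV column names, the sample hosts and the assumption that firmware ordering is by version number first and build number second are illustrative.

```python
import csv, io, re

# First fixed firmware per (model, hardware version), copied from the table above.
FIXED = {
    ("NX600", "v3.0"): "1.3.0 Build 260309", ("NX600", "v2.0"): "1.3.0 Build 260311",
    ("NX600", "v1.0"): "1.4.0 Build 260311", ("NX500", "v2.0"): "1.5.0 Build 260309",
    ("NX500", "v1.0"): "1.3.0 Build 260311", ("NX210", "v3.0"): "1.3.0 Build 260309",
    ("NX210", "v2.0"): "1.3.0 Build 260311", ("NX210", "v2.20"): "1.3.0 Build 260311",
    ("NX200", "v3.0"): "1.3.0 Build 260309", ("NX200", "v2.20"): "1.3.0 Build 260311",
    ("NX200", "v2.0"): "1.3.0 Build 260311", ("NX200", "v1.0"): "1.8.0 Build 260311",
}
FW_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\s+Build\s+(\d+)", re.IGNORECASE)

def parse_fw(text):
    """'1.3.0 Build 260309' -> (1, 3, 0, 260309); raises ValueError if unparseable."""
    m = FW_RE.search(text)
    if m is None:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    return tuple(int(g) for g in m.groups())

def triage(model, hw, firmware):
    """Return 'vulnerable', 'patched', 'review' (bad version) or 'unlisted'."""
    model = model.upper().replace("ARCHER", "").strip()
    # Hardware revisions stay strings: v2.0 and v2.20 are different boards.
    hw = "v" + hw.strip().lower().lstrip("v")
    fixed = FIXED.get((model, hw))
    if fixed is None:
        return "unlisted"
    try:
        current = parse_fw(firmware)
    except ValueError:
        return "review"  # fail closed: a human checks the device
    # Assumption: ordering is by version number first, then build number.
    return "vulnerable" if current < parse_fw(fixed) else "patched"

def scan(inventory_csv):
    """Map host -> status for CSV rows with host, model, hw, firmware columns."""
    rows = csv.DictReader(io.StringIO(inventory_csv.strip()))
    return {r["host"]: triage(r["model"], r["hw"], r["firmware"]) for r in rows}

# Constructed sample inventory (not real devices).
SAMPLE = """
host,model,hw,firmware
branch-01,Archer NX600,v3.0,1.2.1 Build 250101
branch-02,Archer NX200,1.0,1.8.0 Build 260311
branch-03,archer nx210,V2.20,1.3.0 Build 260310
branch-04,Archer NX500,v2.0,unknown
"""

if __name__ == "__main__":
    for host, status in scan(SAMPLE).items():
        print(f"{host}: {status}")
```

Rows that come back as `review` or `unlisted` need a manual check rather than being treated as safe.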

In September 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities (KEV) catalog.

Below are the descriptions for these flaws:

  • CVE-2025-9377 (CVSS score of 8.6) TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability
  • CVE-2023-50224 (CVSS score of 6.5) TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability

This week, the U.S. FCC announced a ban on importing new foreign-made consumer routers, citing unacceptable cyber and national security risks. The decision, backed by Executive Branch assessments, means such devices can no longer be sold or marketed in the U.S. unless they receive special approval.

Routers will be added to the Covered List, with exceptions only for those cleared by the Department of Homeland Security or defense authorities after they verify the devices pose no threat to communications networks.

Pierluigi Paganini

(SecurityAffairs – hacking, Archer NX)




Source: https://securityaffairs.com/189980/iot/patch-now-tp-link-archer-nx-routers-vulnerable-to-firmware-takeover.html