Security Advisory

CVE-2025-14756

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-26 18:17:09

Last updated 2026-02-26 15:04:51

Assigner TPLink

State PUBLISHED

Description

Command injection vulnerability was found in the admin interface component of TP-Link Archer MR600 v5 firmware, allowing authenticated attackers to execute system commands with a limited character length via crafted input in the browser developer console, possibly leading to service disruption or full compromise.

← Browse all CVEs View on cve.org ↗