ГлавнаяУязвимости → CVE-2025-14756
8.8высокая

CVE-2025-14756

Описание

Command injection vulnerability was found in the admin interface component of TP-Link Archer MR600 v5 firmware, allowing authenticated attackers to execute system commands with a limited character length via crafted input in the browser developer console, possibly leading to service disruption or full compromise.

Затрагиваемое ПО
Tp-link Archer mr600 firmwareTp-link Archer mr600
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://jvn.jp/en/vu/JVNVU94651499/https://jvn.jp/vu/JVNVU94651499/https://www.tp-link.com/en/support/download/archer-mr600/#Firmwarehttps://www.tp-link.com/jp/support/download/archer-mr600/#Firmwarehttps://www.tp-link.com/us/support/faq/4916/