According to CISA, TP-Link has patched a high-severity flaw (CVE-2025-15517) in its Archer NX router series, addressing an authentication bypass that could allow attackers to upload malicious firmware. The fix covers multiple models, including NX200, NX210, NX500, and NX600, and the flaw carries a CVSS score of 8.6.
In addition, the update removes a hardcoded cryptographic key in the Configuration Encryption Mechanism, tracked as CVE-2025-15605 (CVSS score 8.5), which could allow authenticated attackers to decrypt, modify and re-encrypt configuration data. The vendor’s advisory notes that a missing authentication check in the HTTP server could enable unauthenticated privileged actions such as firmware uploads and configuration changes.
Affected hardware versions and firmware builds for Archer NX600, NX500, NX210 and NX200 are listed in the advisory, and customers are urged to download the latest firmware to address these issues. The story, dated 25 March 2026, also notes that in September 2025 the FCC announced a ban on importing certain foreign-made routers.