A important safety advisory has been launched for a command injection vulnerability affecting the Archer MR600 v5 router.
The flaw, tracked as CVE-2025-14756, allows authenticated attackers to execute arbitrary system instructions by way of the system’s admin interface, doubtlessly main to finish router compromise.
The vulnerability exists within the admin interface element of the Archer MR600 v5 firmware. Attackers with authentication credentials can inject system instructions through crafted enter submitted by way of the browser developer console.
Though the vulnerability imposes a restricted character-length restriction on injected instructions.
The flaw nonetheless permits attackers to execute malicious directions that may disrupt companies or acquire full management of the affected system.
CVE IDCVSS ScoreAffected ProductAffected VersionsCVE-2025-147568.5Archer MR600 v5<1.1.0, 0.9.1, v0001.0 Construct 250930 Rel.63611n
The vulnerability has been assigned a CVSS v4.0 rating of 8.5, indicating a high-severity danger.
The CVSS vector (CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA: N) signifies that the assault requires adjoining community entry and excessive privilege ranges.
However poses important dangers to the confidentiality, integrity, and availability of the router’s features.
The vulnerability impacts explicitly the Archer MR600 v5 with firmware variations sooner than v0001.0 Construct 250930 Rel.63611n (model 0.9.1 and beneath).
TP-Hyperlink has not launched this product in america, limiting its publicity there. Nonetheless, customers in different markets with affected units face potential safety dangers.
Mitigations
TP-Hyperlink strongly recommends customers instantly obtain and set up the newest firmware model to deal with this vulnerability.
The up to date firmware patches the command injection flaw and restores safety integrity.
Customers can entry firmware updates by way of TP-Hyperlink’s official assist portal: English: Archer MR600 Firmware Obtain, Japanese: Archer MR600 Firmware Help Web page.
This vulnerability highlights the significance of securing administrative interfaces on community units.
Authenticated command injection flaws can function stepping stones for lateral motion inside networks, particularly in enterprise environments the place routers act as important infrastructure parts.
Organizations managing TP-Hyperlink Archer units ought to prioritize firmware updates and implement community segmentation to limit administrative entry.
Moreover, monitoring for suspicious command execution patterns on affected routers may also help detect exploitation makes an attempt earlier than they trigger harm.
TP-Hyperlink emphasizes that failure to use the advisable safety updates leaves techniques weak to exploitation.
The seller can’t be held accountable for safety incidents ensuing from neglecting to implement these important patches.
Observe us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to function your tales.
