Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

TP-Link Systems Inc. — Vulnerabilities & Security Advisories 107

Browse all 107 CVE security advisories affecting TP-Link Systems Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by TP-Link Systems Inc.:Archer BE230 v1.2Archer AX53 v1.0Tapo C520WS v2.6VX800v v1.0TL-WR841N V11AX53 v1.0Omada gatewaysArcher NX600 v3.0Tapo C260 v1Tapo C220 v1Omada ControllerTapo C200 V3TP-Link Tapo appDeco BE25 v1.0Omada Software ControllerTL-WR841N v14AX53 v1WA850REVIGI NVR1104H-4P V1SG2008P 3.2xTL-WR802N v4TL-MR6400 v5.3Archer AXE75 v1.6/v1.0EAP610 v3TD-W8961N v4.0TL-WR850N v3Omada Cloud ControllerArcher C7 v5 and v5.8Tapo AppTL-WR841N v14/v14.6/v14.8
CVE IDTitleCVSSSeverityPublished
CVE-2026-5039 Predictable Default Cryptographic Key Used for DES Encryption in TP-Link TL-WL841N — TL-WL841N v13CWE-1394 8.8AIHighAI2026-04-23
CVE-2026-5363 Use of weak cryptographic key in TP-Link Archer C7 — Archer C7 v5 and v5.8CWE-326 7.5AIHighAI2026-04-15
CVE-2026-30818 OS Command Injection Vulnerability in dnsmasq Module in TP-Link AX53 — AX53 v1.0CWE-78 8.0AIHighAI2026-04-08
CVE-2026-30817 Arbitrary File Reading Vulnerability in dnsmasq Module in TP-Link AX53 — AX53 v1.0CWE-15 5.7AIMediumAI2026-04-08
CVE-2026-30816 Arbitrary File Reading Vulnerability in OpenVPN Module in TP-Link AX53 — AX53 v1.0CWE-15 5.7AIMediumAI2026-04-08
CVE-2026-30815 OS Command Injection Vulnerability in OpenVPN Module in TP-Link AX53 — AX53 v1.0CWE-78 8.0AIHighAI2026-04-08
CVE-2026-30814 Buffer Overflow Vulnerability in TP-Link AX53 — AX53 v1.0CWE-121 8.0AIHighAI2026-04-08
CVE-2026-34124 Denial of Service via Path Expansion Overflow in HTTP Service in TP-Link Tapo C520WS — Tapo C520WS v2.6CWE-120 6.5AIMediumAI2026-04-02
CVE-2026-34122 Stack-based Buffer Overflow Leading to Denial of Service in TP-Link Tapo C520WS — Tapo C520WS v2.6CWE-121 7.5AIHighAI2026-04-02
CVE-2026-34121 Authentication Bypass in DS Configuration Service via HTTP Request Parsing Differential of TP-Link Tapo C520WS — Tapo C520WS v2.6CWE-287 5.3AIMediumAI2026-04-02
CVE-2026-34120 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS — Tapo C520WS v2.6CWE-122 6.5AIMediumAI2026-04-02
CVE-2026-34119 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS — Tapo C520WS v2.6CWE-122 6.5AIMediumAI2026-04-02
CVE-2026-34118 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS — Tapo C520WS v2.6CWE-122 6.5AIMediumAI2026-04-02
CVE-2026-4346 Cleartext Storage of Administrative and Wi-Fi Credentials via Accessible Serial Interface in TP Link's TL-WR850N — TL-WR850N v3CWE-312 6.8AIMediumAI2026-03-26
CVE-2026-3622 Denial-of-Service Vulnerability in UPnP Component of TP Link's TL-WR841N — TL-WR841N v14CWE-125 7.5AIHighAI2026-03-26
CVE-2025-15606 Denial of Service (DoS) in HTTPD Input Handling on TP-Link TD-W8961N — TD-W8961N v4.0CWE-20 7.5 -2026-03-23
CVE-2025-15605 Hardcoded Cryptographic Key in Configuration Encryption Mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 — Archer NX600 v3.0CWE-321 7.1 -2026-03-23
CVE-2025-15519 Command Injection in Modem Management CLI on TP-Link Archer NX200, NX210, NX500 and NX600 — Archer NX600 v3.0CWE-78 6.7 -2026-03-23
CVE-2025-15518 Command Injection in Wireless Control CLI on TP-Link Archer NX200, NX210, NX500 and NX600 — Archer NX600 v3.0CWE-78 6.7 -2026-03-23
CVE-2025-15517 Authorization Bypass in HTTP Server Endpoints on TP-Link Archer NX200, NX210, NX500 and NX600 — Archer NX600 v3.0CWE-306 9.8 -2026-03-23
CVE-2025-15608 Buffer Overflow in Network Probe Handling Function of TP-Link Archer AX53 — AX53 v1CWE-121 9.8 -2026-03-20
CVE-2025-15607 Authenticated Command Injection in mcsd Service of TP-Link Archer AX53 — AX53 v1CWE-77 8.8 -2026-03-20
CVE-2026-3227 Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N — TL-WR802N v4CWE-78 8.8AIHighAI2026-03-13
CVE-2026-1668 Input Validation Vulnerability on Multiple Omada Switches — SG2008P 3.2xCWE-20 9.8 -2026-03-13
CVE-2026-3841 Command Injection Vulnerability in Telnet CLI on TP-Link TL-MR6400 — TL-MR6400 v5.3CWE-78 7.2AIHighAI2026-03-12
CVE-2025-15568 Command Injection Vulnerability on TP-Link Archer AXE75 — Archer AXE75 v1.6/v1.0CWE-78 8.0AIHighAI2026-03-09
CVE-2025-7375 Unauthenticated Denial-of-Service Vulnerability in Omada EAP610 — EAP610 v3CWE-20 6.5 -2026-03-05
CVE-2026-0654 Command injection on TP-Link Deco BE25 — Deco BE25 v1.0CWE-78 8.0AIHighAI2026-03-02
CVE-2026-0655 Path Traversal on TP-Link Deco BE25 — Deco BE25 v1.0CWE-22 7.3AIHighAI2026-03-02
CVE-2025-9293 Insufficient Certificate Validation in Multiple Mobile Applications Allows Man in the Middle Interception — Tapo AppCWE-295 6.8AIMediumAI2026-02-13

This page lists every published CVE security advisory associated with TP-Link Systems Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.