CVE-2025-15608

Published: Mar 20, 2026 Last Modified: Mar 20, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,7

Source: f23511db-6c3e-4e32-a477-6aa17d310630

Attack Vector: adjacent

Attack Complexity: high

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution through complex heap-spray techniques.

Successful exploitation may result in repeated service unavailability and, in certain scenarios, allow an attacker to gain control of the device.

121

Stack-based Buffer Overflow

Draft

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Availability Integrity Confidentiality Access Control Other

Potential Impacts:

Modify Memory Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Execute Unauthorized Code Or Commands Bypass Protection Mechanism Other

Applicable Platforms

Languages: C, C++, Memory-Unsafe

Likelihood of Exploit: High

View CWE Details

https://www.tp-link.com/en/support/download/archer-ax53/v1/…

https://www.tp-link.com/en/support/download/archer-ax53/v1/#Firmware

https://www.tp-link.com/us/support/faq/5025/

CVE-2025-15608

Description

Stack-based Buffer Overflow

Common Consequences

Applicable Platforms

Iscriviti alla newsletter