TP-Link security patch release for CVE-2025-15517
Security Patch Release
Summary
Hide ▲
Show ▼
TP-Link released security updates for its Archer NX router series to close a critical authentication-bypass flaw that could let attackers upload firmware without logging in. The update scope includes CVE-2025-15517 plus CVE-2025-15605 and two command injection bugs affecting NX200, NX210, NX500, and NX600 models. Owners were urged to install the latest firmware version to reduce the risk of unauthorized configuration changes and device compromise.
Related Happenings
Cisco security patch release for CVE-2026-20262
Security Patch Release
H score47
First: 15.06.2026 20:12
Last: 15.06.2026 20:12
Sources 1
About this happening:
**Cisco** released **security updates** for **CVE-2026-20262** in **Catalyst SD-WAN Manager**, covering multiple release trains after the zero-day was exploited to reach **root pr...
Cisco security patch release for CVE-2026-20262
Security Patch ReleaseAbout this happening: **Cisco** released **security updates** for **CVE-2026-20262** in **Catalyst SD-WAN Manager**, covering multiple release trains after the zero-day was exploited to reach **root pr...
Ivanti Sentry patch release for CVE-2026-10520 and CVE-2026-10523
Security Patch Release
H score54
First: 10.06.2026 09:26
Last: 10.06.2026 09:26
Sources 1
About this happening:
**Ivanti** released a **patch bundle** for **Sentry** after identifying **two critical vulnerabilities** in the secure mobile gateway appliance, including **CVE-2026-10520** and *...
Ivanti Sentry patch release for CVE-2026-10520 and CVE-2026-10523
Security Patch ReleaseAbout this happening: **Ivanti** released a **patch bundle** for **Sentry** after identifying **two critical vulnerabilities** in the secure mobile gateway appliance, including **CVE-2026-10520** and *...
LiteLLM endpoint-hardening patch release (CVE-2026-42271)
Security Patch Release
H score59
First: 09.06.2026 09:26
Last: 09.06.2026 09:26
Sources 1
About this happening:
BerriAI released **LiteLLM 1.83.7**, hardening access to the vulnerable **MCP test endpoints** that accepted full server configurations. The update now requires the **PROXY_ADMIN*...
LiteLLM endpoint-hardening patch release (CVE-2026-42271)
Security Patch ReleaseAbout this happening: BerriAI released **LiteLLM 1.83.7**, hardening access to the vulnerable **MCP test endpoints** that accepted full server configurations. The update now requires the **PROXY_ADMIN*...
Check Point security patch release for CVE-2026-50751
Security Patch Release
H score48
First: 08.06.2026 16:05
Last: 08.06.2026 16:05
Sources 1
About this happening:
**Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...
Check Point security patch release for CVE-2026-50751
Security Patch ReleaseAbout this happening: **Check Point** released **security updates** to patch **CVE-2026-50751** in **Remote Access VPN** and **Mobile Access** deployments. The update addressed a **critical authenticat...
Cisco Unified Communications Manager security update for CVE-2026-20230
Security Patch Release
H score56
First: 04.06.2026 14:09
Last: 04.06.2026 14:09
Sources 1
About this happening:
Cisco released **security updates** for **Cisco Unified Communications Manager (Unified CM)** to fix **CVE-2026-20230**, a **critical** flaw that could let a remote attacker reach...
Cisco Unified Communications Manager security update for CVE-2026-20230
Security Patch ReleaseAbout this happening: Cisco released **security updates** for **Cisco Unified Communications Manager (Unified CM)** to fix **CVE-2026-20230**, a **critical** flaw that could let a remote attacker reach...
Timeline
-
25.03.2026 13:11 2 articles · 3mo ago
TP-Link releases Archer NX firmware updates
Mitigation Patch UpdateTP-Link released security updates for the Archer NX router series to fix CVE-2025-15517, a critical missing-authentication flaw in the HTTP server to certain cgi endpoints that could let an attacker perform privileged HTTP actions without authentication, including firmware upload and configuration operations. The same update set also removed a hardcoded cryptographic key in CVE-2025-15605 and patched two command injection vulnerabilities, CVE-2025-15518 and CVE-2025-15519, affecting Archer NX200, NX210, NX500, and NX600 devices, and customers were urged to install the latest firmware version.
Show sources
- TP-Link warns users to patch critical router auth bypass flaw — www.bleepingcomputer.com — 25.03.2026 13:11
- TP-Link warns users to patch critical router auth bypass flaw — www.bleepingcomputer.com — 25.03.2026 13:11