Description
This vulnerability in AX53 v1, AX55 v4 and AX55 v4.6 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution through complex heap-spray techniques.

Successful exploitation may result in repeated service unavailability and, in certain scenarios, allow an attacker to gain control of the device.
Published: 2026-03-20
Score: 7.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw originates from insufficient sanitization of network probe parameters. A crafted probe can overflow a stack buffer in the handling function, causing the service to crash. Under specific circumstances, the overflow may be leveraged with complex heap‑spray techniques to achieve remote code execution. Successful exploitation results in repeated service unavailability and, in certain scenarios, control over the device.

Affected Systems

TP‑Link Archer AX53 router, version 1.0 (v1), as well as TP‑Link Archer AX55 router, versions 4 and 4.6, are all affected.

Risk and Exploitability

The CVSS score of 7.7 indicates a high severity, and an EPSS score of less than 1% suggests a low likelihood of widespread exploitation at present. The vulnerability is not listed in CISA’s KEV catalog. It is inferred that an adversary could exploit the flaw by sending a crafted network probe from an external network to the router, triggering the buffer overflow and potentially executing code on the device. Affected devices include the TP‑Link Archer AX53 v1, AX55 v4, and AX55 v4.6.

Generated by OpenCVE AI on July 16, 2026 at 01:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to the latest version released by TP‑Link for AX53 v1, AX55 v4, and AX55 v4.6.
  • If firmware update is not available immediately, block or drop network probe traffic using firewall rules or access control lists.
  • Monitor system logs for repeated service crashes or abnormal probe packet traffic and investigate any suspicious activity.

Generated by OpenCVE AI on July 16, 2026 at 01:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 13 Jul 2026 18:30:00 +0000

Type Values Removed Values Added
Description This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution through complex heap-spray techniques. Successful exploitation may result in repeated service unavailability and, in certain scenarios, allow an attacker to gain control of the device. This vulnerability in AX53 v1, AX55 v4 and AX55 v4.6 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution through complex heap-spray techniques. Successful exploitation may result in repeated service unavailability and, in certain scenarios, allow an attacker to gain control of the device.
Title Buffer Overflow in Network Probe Handling Function of TP-Link Archer AX53 Buffer Overflow in Network Probe Handling Function of TP-Link Archer AX53 + Archer AX55
References

Thu, 02 Apr 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link archer Ax53
Tp-link archer Ax53 Firmware
CPEs cpe:2.3:h:tp-link:archer_ax53:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:archer_ax53_firmware:1.0:*:*:*:*:*:*:*
Vendors & Products Tp-link archer Ax53
Tp-link archer Ax53 Firmware
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Mon, 23 Mar 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 23 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link
Tp-link ax53 V1
Vendors & Products Tp-link
Tp-link ax53 V1

Fri, 20 Mar 2026 16:45:00 +0000

Type Values Removed Values Added
Description This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution through complex heap-spray techniques. Successful exploitation may result in repeated service unavailability and, in certain scenarios, allow an attacker to gain control of the device.
Title Buffer Overflow in Network Probe Handling Function of TP-Link Archer AX53
Weaknesses CWE-121
References
Metrics cvssV4_0

{'score': 7.7, 'vector': 'CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L'}


Subscriptions

Tp-link Archer Ax53 Archer Ax53 Firmware Ax53 V1
cve-icon MITRE

Status: PUBLISHED

Assigner: TPLink

Published:

Updated: 2026-07-13T18:10:05.481Z

Reserved: 2026-03-10T17:11:18.919Z

Link: CVE-2025-15608

cve-icon Vulnrichment

Updated: 2026-03-23T13:01:19.826Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-20T17:16:41.220

Modified: 2026-06-17T08:38:06.710

Link: CVE-2025-15608

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-16T01:15:03Z

Weaknesses
  • CWE-121

    Stack-based Buffer Overflow