Threat Advisory

TP-Link Archer MR600 Router Vulnerability Enables Full Device Control

Threat: Vulnerability
Threat Actor Name: -
Threat Actor Type: -
Targeted Region: Global
Alias: -
Threat Actor Region: -
Targeted Sector: Technology & IT
Criticality: High
[subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

A high-severity authenticated command injection vulnerability tracked as CVE-2025-14756 has been identified in a 4G+ LTE router, carrying a CVSS score of 8.5, indicating a significant security risk. The flaw exists within the web-based administrative interface, where insufficient input validation allows a logged-in attacker to inject and execute system commands through crafted input accessible via browser developer tools. Although authentication is required, successful exploitation enables the attacker to bypass normal administrative restrictions and escalate control to the system level, potentially leading to service disruption or full device compromise. The issue affects a specific hardware version running older firmware builds, leaving impacted devices exposed until updated. A patched firmware release is available that resolves the command injection weakness and prevents abuse of the affected interface component.[/subscribe_to_unlock_form]

EXECUTIVE SUMMARY:

A high-severity authenticated command injection vulnerability tracked as CVE-2025-14756 has been identified in a 4G+ LTE router, carrying a CVSS score of 8.5, indicating a significant security risk. The flaw exists within the web-based administrative interface, where insufficient input validation allows a logged-in attacker to inject and execute system commands through crafted input accessible via browser developer tools. Although authentication is required, successful exploitation enables the attacker to bypass normal administrative restrictions and escalate control to the system level, potentially leading to service disruption or full device compromise. The issue affects a specific hardware version running older firmware builds, leaving impacted devices exposed until updated. A patched firmware release is available that resolves the command injection weakness and prevents abuse of the affected interface component.[emaillocker id="1283"]

RECOMMENDATION:

We strongly recommend you update TP-Link Archer MR600 4G+ LTE router to below version link: https://www.tp-link.com/us/support/faq/4916/

REFERENCES:

The following reports contain further technical details:
https://securityonline.info/router-takeover-high-severity-command-injection-flaw-hits-tp-link-archer-mr600/

[/emaillocker]
crossmenu