CVE-2025-15607

Authenticated Command Injection in mcsd Service of TP-Link Archer AX53

CVSS 7.3 HIGH | EPSS 2.0% | CWE-77

In short

An authenticated user can inject malicious commands into the TP-Link Archer AX53 router's mscd service through improperly validated debug functions, allowing them to execute arbitrary commands and take full control of the device.

Technical detail

A command injection flaw (CWE-77) exists in the mscd debug functionality, caused by insufficient input validation on log redirection parameters and by the concatenation of unvalidated file content into shell commands. An authenticated attacker can exploit this to execute arbitrary system commands with device-level privileges, leading to complete device compromise.

Summary generated and translated by AI from the official description.

A command injection vulnerability on AX53 v1 occurs in mscd debug functionality due to insufficient input handling, allowing log redirection to arbitrary files and concatenation of unvalidated file content into shell commands, enabling authenticated attackers to inject and execute arbitrary commands. Successful exploitation may allow execution of malicious commands and ultimately full control of the device.
CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L
