Affected Vendors This Week
- Cisco: 3 CVEs (all Medium severity)
- TP-Link: 2 CVEs (1 High, 1 Medium)
- ASUS: 1 CVE (High severity)
Critical Vulnerabilities
This week brought six new router and network device vulnerabilities, two of them rated High severity. The most severe is CVE-2025-12793 (CVSS 7.8), which affects ASUS SoftwareManagerAgent. An uncontrolled DLL loading path lets a local attacker load malicious libraries from attacker-controlled locations, potentially achieving code execution. Although exploitation requires local access, the flaw poses a significant risk in environments where users have direct device access.
TP-Link users should prioritize CVE-2025-15035 (CVSS 7.3), which affects the VPN modules of the Archer AXE75 v1.6. Because of improper input validation, an authenticated adjacent attacker can delete arbitrary server files, potentially disrupting critical infrastructure or VPN services. Exploitation requires network proximity but no special privileges beyond basic authentication.
Medium-Severity Issues
TP-Link's Archer BE400 V1 is vulnerable to CVE-2025-14631 (CVSS 6.5), a NULL pointer dereference in 802.11 modules that allows denial of service by causing the device to reboot. Three Cisco CVEs, CVE-2026-20026 (5.8), CVE-2026-20027 (5.3), and CVE-2026-20029 (4.9), involve DCE/RPC request processing and ISE licensing vulnerabilities that could enable information disclosure or that require administrative access to exploit.
Recommended Actions
- ASUS users: Check for SoftwareManagerAgent updates and restrict local administrator access where possible
- TP-Link administrators: Verify firmware versions for Archer AXE75 and BE400 models; prioritize patches for the Archer AXE75 VPN module
- Cisco environments: Review DCE/RPC filtering and ISE licensing module access controls