CNNVD-202602-300 Information
CNNVD ID
CNNVD-202602-300
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
TP-LINK Archer AXE75是中国普联(TP-LINK)公司的一款无线路由器。 TP-Link Archer AXE75 V1存在安全漏洞,该漏洞源于配置为L2TP/IPSec VPN服务器时,即使启用了IPSec,仍可能接受未受IPSec保护的L2TP连接,可能导致传输数据暴露和机密性受损。
Description (English)
TP-LINK Archer AXE75 is a wireless router for PUR-LINK. TP-Link Archer AXE75 V1 has a security loophole, which stems from the fact that when configured as L2TP/IPSec VPN servers, even if IPSec is enabled, it is possible to accept a L2TP connection that is not protected by IPSec and may lead to data exposure and confidentiality damage.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
普联
Published
2026-02-03
Last Modified
2026-02-24
References
https://www.tp-link.com/us/support/faq/4942/ https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware https://access.redhat.com/security/cve/cve-2026-0620
Patch
https://www.tp-link.com/us/support/faq/4942/
Share on: