CVE-2026-0620

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality.

CVSS

No CVSS.

References

Link	Resource
https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware
https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware
https://www.tp-link.com/us/support/faq/4942/

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Cuando se configura como servidor VPN L2TP/IPSec, el Archer AXE75 V1 puede aceptar conexiones usando L2TP sin protección IPSec, incluso cuando IPSec está habilitado. Esto permite sesiones VPN sin cifrado, exponiendo datos en tránsito y comprometiendo la confidencialidad.

03 Feb 2026, 19:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-03 19:16

Updated : 2026-04-15 00:35

NVD link : CVE-2026-0620

Mitre link : CVE-2026-0620

CVE.ORG link : CVE-2026-0620

JSON object : View

Products Affected

No product.

CWE

CWE-693

Protection Mechanism Failure

{"id": "CVE-2026-0620", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.0, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-02-03T19:16:15.580", "references": [{"url": "https://www.tp-link.com/en/support/download/archer-axe75/v1/#Firmware", "source": "f23511db-6c3e-4e32-a477-6aa17d310630"}, {"url": "https://www.tp-link.com/us/support/download/archer-axe75/v1/#Firmware", "source": "f23511db-6c3e-4e32-a477-6aa17d310630"}, {"url": "https://www.tp-link.com/us/support/faq/4942/", "source": "f23511db-6c3e-4e32-a477-6aa17d310630"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "f23511db-6c3e-4e32-a477-6aa17d310630", "description": [{"lang": "en", "value": "CWE-693"}]}], "descriptions": [{"lang": "en", "value": "When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled.\u00a0\u00a0This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality."}, {"lang": "es", "value": "Cuando se configura como servidor VPN L2TP/IPSec, el Archer AXE75 V1 puede aceptar conexiones usando L2TP sin protecci\u00f3n IPSec, incluso cuando IPSec est\u00e1 habilitado. Esto permite sesiones VPN sin cifrado, exponiendo datos en tr\u00e1nsito y comprometiendo la confidencialidad."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "f23511db-6c3e-4e32-a477-6aa17d310630"}