CVE-2025-59487

Heap-based Buffer Overflow Vulnerability in TP-Link Archer AX53

Description

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. The vulnerability arises from improper validation of a packet field whose offset is used to determine the write location in memory. By crafting a packet with a manipulated field offset, an attacker can redirect writes to arbitrary memory locations.This issue affects Archer AX53 v1.0: through 1.3.1 Build 20241120.

INFO

Published Date :

2026-02-03T18:47:38.341Z

Last Modified :

2026-03-16T17:23:12.636Z

Source :

TPLink

AFFECTED PRODUCTS

The following products are affected by CVE-2025-59487 vulnerability.

Vendors	Products
Tp-link	Archer Ax53 Archer Ax53 Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-59487.

URL	Resource
https://talosintelligence.com/vulnerability_reports/
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2285
https://www.tp-link.com/en/support/download/archer-ax53/v1/#Firmware
https://www.tp-link.com/my/support/download/archer-ax53/v1/#Firmware
https://www.tp-link.com/us/support/faq/4943/

CVSS Vulnerability Scoring System

V4
V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact