CVE-2025-62673

8.0 HIGH

📋 TL;DR

A heap-based buffer overflow vulnerability in TP-Link Archer AX53 v1.0 routers allows attackers on the same network to crash the device or potentially execute arbitrary code by sending specially crafted network packets. This affects the tdpserver modules in firmware versions up to 1.3.1 Build 20241120. Attackers must be adjacent to the target network.

💻 Affected Systems

Products:
  • TP-Link Archer AX53 v1.0
Versions: through 1.3.1 Build 20241120
Operating Systems: Embedded router firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects v1.0 hardware models. Requires attacker to be on same network segment.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to full router compromise, credential theft, network pivoting, and persistent backdoor installation.

🟠 Likely Case

Denial of service causing router crashes and network disruption, requiring physical reset.

🟢 If Mitigated

Limited to denial of service if exploit attempts are blocked by network segmentation or intrusion prevention systems.

🌐 Internet-Facing: LOW - Requires adjacent network access, not directly internet exploitable.
🏢 Internal Only: HIGH - Attackers on the same network can exploit without authentication.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting specific network packets, but no authentication is needed. Adjacent network access is required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check TP-Link support site for latest firmware

Vendor Advisory: https://www.tp-link.com/en/support/download/archer-ax53/v1/#Firmware

Restart Required: Yes

Instructions:

1. Visit TP-Link support page for Archer AX53 v1.0.
2. Download latest firmware.
3. Log into router admin interface.
4. Navigate to System Tools > Firmware Upgrade.
5. Upload and install new firmware.
6. Router will reboot automatically.

🔧 Temporary Workarounds

Network Segmentation (all)

Isolate router management interface from general network traffic

Disable Unnecessary Services (all)

Turn off any unused network services on the router

🧯 If You Can't Patch

  • Segment router on isolated VLAN away from untrusted devices
  • Implement network monitoring for abnormal packet patterns targeting router

🔍 How to Verify

Check if Vulnerable:

Check firmware version in router admin interface under System Tools > Firmware Upgrade

Check Version:

Log into router web interface and check firmware version

Verify Fix Applied:

Confirm firmware version is newer than 1.3.1 Build 20241120
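
For a fleet, the same check can be run over an asset inventory. The following is an added example, not code from TP-Link or from this page's source; it assumes firmware strings follow the "1.3.1 Build 20241120" form quoted above, and the hostnames and inventory rows are constructed.

```python
import re

# Last affected release as stated on this page: "1.3.1 Build 20241120".
LAST_AFFECTED = ((1, 3, 1), 20241120)
AFFECTED_MODEL = "archer ax53"
AFFECTED_HW = (1, 0)  # only v1.0 hardware is affected

# Assumed string shapes: "<dotted version> Build <YYYYMMDD>" and "v1.0" / "1.0" / "V1".
_FW_RE = re.compile(r"(\d+(?:\.\d+)+)\s+Build\s+(\d{8})", re.IGNORECASE)
_HW_RE = re.compile(r"v?(\d+)(?:\.(\d+))?", re.IGNORECASE)

def parse_firmware(text):
    """Return ((major, minor, ...), build_date) or None if the string is unrecognised."""
    m = _FW_RE.search(text or "")
    if not m:
        return None
    return tuple(int(p) for p in m.group(1).split(".")), int(m.group(2))

def classify(model, hw_version, firmware):
    """Return 'vulnerable', 'fixed', 'not-applicable' or 'unknown' for one device."""
    if AFFECTED_MODEL not in (model or "").lower():
        return "not-applicable"
    hw = _HW_RE.fullmatch((hw_version or "").strip())
    if not hw:
        return "unknown"  # cannot tell the hardware revision: check by hand
    if (int(hw.group(1)), int(hw.group(2) or 0)) != AFFECTED_HW:
        return "not-applicable"
    fw = parse_firmware(firmware)
    if fw is None:
        return "unknown"  # unparseable firmware string: check by hand
    # Version is compared first, then build date. An older version with a
    # later build date is still reported as vulnerable (conservative choice).
    return "fixed" if fw > LAST_AFFECTED else "vulnerable"

def audit(inventory):
    """Map hostname -> status for rows of (hostname, model, hw_version, firmware)."""
    return {host: classify(model, hw, fw) for host, model, hw, fw in inventory}

# Constructed sample inventory (hostnames and firmware strings are made up).
SAMPLE = [
    ("rtr-lobby", "Archer AX53", "v1.0", "1.3.1 Build 20241120 rel.00000"),
    ("rtr-lab", "Archer AX53", "V1", "1.3.1 Build 20250101"),
    ("rtr-old", "Archer AX53", "1.0", "1.2.9 Build 20250101"),
    ("rtr-hw2", "Archer AX53", "v2.0", "1.0.0 Build 20240101"),
    ("rtr-odd", "Archer AX53", "v1.0", "unreadable"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host}: {status}")
```

Devices reported as `unknown` should be checked manually in the admin interface rather than assumed safe.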

📡 Detection & Monitoring

Log Indicators:

  • Router crash/reboot events
  • Unusual network service restarts

Network Indicators:

  • Malformed packets to router management ports
  • Unusual traffic patterns to tdpserver service

SIEM Query:

(source="router_logs" AND (event="crash" OR event="reboot")) OR (dest_port=router_management_port AND packet_size>normal_threshold)
