Vulnerability Database

320,419

Total vulnerabilities in the database

CVE-2025-15545

The backup restore function does not properly validate unexpected or unrecognized tags within the backup file. When such a crafted file is restored, the injected tag is interpreted by a shell, allowing execution of arbitrary commands with root privileges. Successful exploitation allows the attacker to gain root-level command execution, compromising confidentiality, integrity and availability.

Published: Jan 29, 2026
Updated: Jan 30, 2026
CVE: CVE-2025-15545
Exploit:

No technical information available.

CWEs:

CWE-20

Affected Software
References

No affected software listed.

https://nico-security.com/posts/cve-2025-15545
https://www.tp-link.com/en/support/download/re605x/v3/#Firmware
https://www.tp-link.com/us/support/download/re605x/v3/#Firmware
https://www.tp-link.com/us/support/faq/4929/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo