PT-2026-3791 · Tp Link · Archer C20+1

Matt Graham

Publicado

2026-01-21

Atualizado

2026-02-02

CVE-2026-0834

CVSS v3.1

8.8

Alta

Vetor

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TP-Link Archer C20 versions prior to V6 251031 TP-Link Archer AX53 version prior to V1 251215

Description A logic issue exists in the TDDP module of TP-Link Archer C20 v6.0 and Archer AX53 v1.0. An unauthenticated attacker on an adjacent network can execute administrative commands, including factory reset and device reboot, without credentials. This can lead to configuration loss and interruption of device availability.

Recommendations Update TP-Link Archer C20 to version V6 251031 or later. Update TP-Link Archer AX53 to version V1 251215 or later.

Correção

Authentication Bypass by Spoofing

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-290

Identificadores relacionados

BDU:2026-01009

CVE-2026-0834

Produtos afetados

Archer Ax53

Archer C20

PT-2026-3791 · Tp Link · Archer C20+1

CVE-2026-0834

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14