Matteo Croce

**Name of the Vulnerable Software and Affected Versions** TP-Link Archer C5 devices through V2 160201 US **Description** The issue allows remote command execution via shell metacharacters on the `wan dyn hostname` line of a configuration file. This configuration file is encrypted with the 478DA50BF9E3D2CF key and can be uploaded through the web GUI using the web admin account. In some cases, the default password 'admin' may be used. **Recommendations** For TP-Link Archer C5 devices through V2 160201 US, change the default admin password to a strong and unique password to prevent unauthorized access. As a temporary workaround, consider restricting access to the web GUI and the configuration file upload feature until a patch is available. Avoid using the default password and ensure that all configuration files are handled securely to minimize the risk of exploitation.