PT-2026-3791 · Tp Link · Archer C20+1
Matt Graham
·
Published
2026-01-21
·
Updated
2026-02-02
·
CVE-2026-0834
CVSS v3.1
8.8
High
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TP-Link Archer C20 versions prior to V6 251031
TP-Link Archer AX53 version prior to V1 251215
Description
A logic issue exists in the TDDP module of TP-Link Archer C20 v6.0 and Archer AX53 v1.0. An unauthenticated attacker on an adjacent network can execute administrative commands, including factory reset and device reboot, without credentials. This can lead to configuration loss and interruption of device availability.
Recommendations
Update TP-Link Archer C20 to version V6 251031 or later.
Update TP-Link Archer AX53 to version V1 251215 or later.
Fix
Authentication Bypass by Spoofing
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Archer Ax53
Archer C20