CVE-2026-3294

Name of the Vulnerable Software and Affected Versions TP-Link range extenders (affected versions not specified)

Description An authentication logic flaw allows an unauthenticated attacker on an adjacent network to reset the administrator password due to insufficient validation of a login parameter. Successful exploitation enables an attacker to gain full administrative control of the device, which may impact confidentiality, integrity, and availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.