Severity by source
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow the attacker to modify device configuration, access sensitive information, or further compromise system integrity.
This issue affects AX53 v1.0: before 1.7.1 Build 20260213.
AnalysisAI
OS command injection in TP-Link Archer AX53 v1.0 dnsmasq module allows authenticated adjacent attackers to execute arbitrary code through maliciously crafted configuration files. Successful exploitation enables device configuration modification, sensitive data access, and complete system compromise. Affects TP-Link Archer AX53 v1.0 firmware versions prior to 1.7.1 Build 20260213. Requires high-privilege adjacent network access (CVSS:4.0 AV:A/PR:H). No public exploit identified at time of analysis.
Technical ContextAI
CWE-78 command injection in dnsmasq configuration parser fails to sanitize user-supplied input before passing to system shell. Vulnerability resides in cpe:2.3:a:tp-link_systems_inc.:ax53_v1.0 firmware component processing DNS configuration parameters. CVSS 8.5 reflects adjacent network vector requiring administrative credentials but yielding high confidentiality/integrity/availability impact with limited subsequent system compromise.
RemediationAI
Vendor-released patch: Upgrade TP-Link Archer AX53 v1.0 firmware to version 1.7.1 Build 20260213 or later. Download firmware from official TP-Link support portal at https://www.tp-link.com/en/support/download/archer-ax53/v1/#Firmware. Verify firmware authenticity before installation. As interim mitigation for unpatched systems, restrict administrative access to trusted adjacent network segments only, disable remote management interfaces, and audit dnsmasq configuration files for unauthorized modifications. Consult vendor security advisory at https://www.tp-link.com/us/support/faq/5055/ for additional guidance. No workaround fully eliminates risk; patching is mandatory for production environments.
Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before
cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models be
The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to r
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_set
Stack-based buffer overflow in the run_init_sbus function in the KCodes NetUSB module for the Linux kernel, as used in c
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_sta
TP-Link Archer C7 and TL-WR841N routers contain an authenticated remote command execution vulnerability in the Parental
A vulnerability in the TP-Link Archer c20 router with firmware version V6.6_230412 and earlier permits unauthorized indi
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the functio
In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote
Same weakness CWE-78 – OS Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-20550
GHSA-28h6-3mx2-8gjg