EUVD-2026-20542
GHSA-w4qp-mpq3-cw45
CVSS Vector
CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Description
A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a crash and could allow arbitrary code execution, enabling modification of device state, exposure of sensitive data, or further compromise of device integrity. This issue affects AX53 v1.0: before 1.7.1 Build 20260213.
Analysis
Stack-based buffer overflow in TP-Link Archer AX53 v1.0 tmpServer module enables authenticated adjacent attackers to execute arbitrary code via malicious configuration file. Exploitation triggers segmentation fault, permits device state modification, sensitive data exposure, and integrity compromise. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all TP-Link Archer AX53 devices and document current firmware versions via device web interface or management platform. Within 7 days: Test firmware version 1.7.1 Build 20260213 or later in non-production environment; validate functionality against organizational network requirements. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today