Skip to main content

Archer Mr600 V5

1 CVEs product

Monthly

CVE-2026-8913 HIGH PATCH This Week

Authenticated command injection in the TP-Link Archer MR600 v5 router allows administrators on the adjacent network to execute arbitrary OS commands via the WireGuard client configuration in the web management interface. The flaw stems from improper neutralization of user-controlled input when configuration changes are applied, enabling full device compromise. No public exploit identified at time of analysis, but TP-Link has released a firmware patch.

Command Injection Archer Mr600 V5
NVD
CVSS 4.0
8.5
EPSS
0.4%
EPSS 0% CVSS 8.5
HIGH PATCH This Week

Authenticated command injection in the TP-Link Archer MR600 v5 router allows administrators on the adjacent network to execute arbitrary OS commands via the WireGuard client configuration in the web management interface. The flaw stems from improper neutralization of user-controlled input when configuration changes are applied, enabling full device compromise. No public exploit identified at time of analysis, but TP-Link has released a firmware patch.

Command Injection Archer Mr600 V5
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy