CVE-2026-8913

Sažetak

A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authenticated attacker with administrative privileges may be able to execute arbitrary commands when applying configuration changes.Successful exploitation may result in a full compromise of confidentiality, integrity, and availability of the affected device.

Reference

https://www.tp-link.com/en/support/download/archer-mr600/v5/#Firmware
https://www.tp-link.com/jp/support/download/archer-mr600/v5/#Firmware
https://www.tp-link.com/us/support/faq/5122/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

09-06-2026 - 13:51

Objavljeno

08-06-2026 - 18:16