TP-Link has issued an urgent security advisory regarding its Archer AX53 v1.0 router, detailing five distinct vulnerabilities that could allow attackers to seize control of the device or leak sensitive information. The flaws impact several core components, including the tmpServer, dnsmasq, and OpenVPN modules.
The most severe threats identified involve OS Command Injection within the router’s communication and networking modules. These vulnerabilities allow an authenticated attacker in close proximity (adjacent) to bypass standard security and execute system-level commands.
- CVE-2026-30818 (CVSS 8.5): This high-severity flaw in the dnsmasq module allows an attacker to “execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation”. Successful exploitation “may allow the attacker to modify device configuration, access sensitive information, or further compromise system integrity”.
- CVE-2026-30815 (CVSS 8.5): A similar injection vulnerability exists in the OpenVPN module. Attackers can execute commands that “may allow modification of configuration files, disclosure of sensitive information, or further compromise of device integrity”.
The advisory also highlights a buffer overflow vulnerability (CVE-2026-30814) within the tmpServer module, carrying a CVSS score of 7.3.
A stack-based buffer overflow in this module “allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file”. If successful, this attack could lead to the “modification of device state, exposure of sensitive data, or further compromise of device integrity”.
In addition to code execution, TP-Link addressed two Arbitrary File Reading vulnerabilities (CVE-2026-30816 and CVE-2026-30817). These “external configuration control” flaws allow an attacker to read files on the local system when a malicious configuration file is processed. This type of unauthorized access risks “potentially exposing sensitive information” stored on the device.
The vulnerabilities are confirmed to affect the following specific hardware and software configuration:
- Product Model: Archer AX53 v1.0
- Affected Version: All versions prior to 1.7.1 Build 20260213
To protect your network and personal data, TP-Link “strongly recommend that users with affected devices take” immediate action.