cbcvebase.

Tp-Link Systems Inc Archer C20 V5 vulnerabilities

4 known vulnerabilities affecting tp-link_systems_inc/archer_c20_v5.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2026-0834P3HIGHCVSS 8.8fixed in US_V5_260419fixed in EU_V5_2603172026-01-21
CVE-2026-0834 [HIGH] CWE-290 CVE-2026-0834: Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 (TDDP module) Logic vulnerability in TP-Link Archer C20 v5, 6.0, Archer AX53 v1.0 and TL-WR841N v13 (TDDP module) allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger factory resets and reboots without credentials, causing confi
nvd
CVE-2026-11834P3HIGHCVSS 8.7fixed in EU_V5_260317fixed in US_V5_2604192026-06-22
CVE-2026-11834 [HIGH] CWE-78 CVE-2026-11834: A command injection vulnerability has been identified in the DHCP option processing logic in multipl A command injection vulnerability has been identified in the DHCP option processing logic in multiple TP-Link router models, due to insufficient validation of externally supplied DHCP option data. An adjacent attacker may exploit this vulnerability by supplying crafted DHCP responses, potentially resulting in unauthorized command execution during devic
nvd
CVE-2025-15551P4MEDIUMCVSS 5.6fixed in US_V5_260419fixed in EU_V5_2603172026-02-05
CVE-2025-15551 [MEDIUM] CWE-95 CVE-2025-15551: The response coming from TP-Link Archer MR200 v5.2, C20 v5 and v6, TL-WR850N v3, and TL-WR845N v4 fo The response coming from TP-Link Archer MR200 v5.2, C20 v5 and v6, TL-WR850N v3, and TL-WR845N v4 for any request is getting executed by the JavaScript function like eval directly without any check. Attackers can exploit this vulnerability via a Man-in-the-Middle (MitM) attack to execute JavaScript code on the router's admin web portal without the us
nvd
CVE-2025-6982P4MEDIUMCVSS 6.9fixed in US_V5_260419fixed in EU_V5_2603172025-07-16
CVE-2025-6982 [MEDIUM] CWE-798 CVE-2025-6982: Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( <= Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( <= 200407 ), and C20 V5 (<US_V5_260419 or <EU_V5_260317) allows attackers to decrypt the config.xml files.
nvd
Tp-Link Systems Inc Archer C20 V5 vulnerabilities | cvebase