CVE-2026-30815 - Vulnerability Details

- OS Command Injection Vulnerability in OpenVPN Module in TP-Link AX53

Description

An OS command injection vulnerability in the OpenVPN module
of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modification of configuration files, disclosure of sensitive information, or further compromise of device integrity.

This issue affects AX53 v1.0: before 1.7.1 Build 20260213.

Published: 2026-04-08

Score: 8.5 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

An OS command injection flaw exists in the OpenVPN module of the TP‑Link Archer AX53 v1.0 firmware. An attacker who is authenticated and adjacent on the same network can craft a malicious configuration file that, when processed by the device, causes arbitrary shell commands to be executed. The vulnerability is a classic example of CWE‑78 and enables an attacker to alter device settings, extract sensitive information, or further compromise the device’s integrity.

Affected Systems

The ARSeries router model TP‑Link Archer AX53 running firmware version 1.0, specifically before firmware 1.7.1 Build 20260213, is affected. Only this combination of vendor, product, and firmware version is listed in the CNA data.

Risk and Exploitability

The CVSS score of 8.5 indicates a high severity. The EPSS score is below 1 %, suggesting a currently low likelihood of automated exploitation, and the vulnerability is not listed in CISA’s KEV catalog. The vendor notes the attacker must be authenticated on an adjacent network segment, meaning the primary attack vector is via a local, connected attacker who can upload or influence a configuration file on the router.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

TP-Link Systems Inc.

AX53 v1.0

unaffected

Version	Status	Constraints
`0`	affected	< 1.7.1 Build 20260213

Configuration 1 [-]

AND

cpe:2.3:o:tp-link:archer_ax53_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:archer_ax53:1.0:*:*:*:*:*:*:*

No data.

Vendor Product Confidence Versions

Tp-link

Ax53 V1

100%

Version	Status	Scheme	Platform
`[0,1.7.1 Build 20260213)`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply the latest firmware release (v1.7.1 Build 20260213 or newer) to the TP‑Link Archer AX53 router.
If an immediate firmware upgrade is not possible, disable the OpenVPN service or lock it down so only trusted users can manage the configuration.
Restrict network access to the router’s configuration interface to known administrators, ensuring that no unauthorized users can submit configuration files.
Verify firmware downloads using checksums or digital signatures provided by TP‑Link before installation.
Continuously monitor the device for unauthorized configuration changes or anomalous command execution logs.

Generated by OpenCVE AI on April 14, 2026 at 17:48 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact Low

Subsequent System Availability Impact Low

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00183.

Exploitation none

Automatable no

Technical Impact total

References

Link	Providers
https://talosintelligence.com/vulnerability_reports/
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2303
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2307
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2308
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2309
https://www.tp-link.com/en/support/download/archer-ax53/v1/#Firmware
https://www.tp-link.com/my/support/download/archer-ax53/v1/#Firmware
https://www.tp-link.com/us/support/faq/5055/

History

Thu, 07 May 2026 16:30:00 +0000

Type	Values Removed	Values Added
References		https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2303 https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2307 https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2308 https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2309

Tue, 14 Apr 2026 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tp-link archer Ax53 Tp-link archer Ax53 Firmware
CPEs		cpe:2.3:h:tp-link:archer_ax53:1.0:::::::* cpe:2.3:o:tp-link:archer_ax53_firmware::::::::
Vendors & Products		Tp-link archer Ax53 Tp-link archer Ax53 Firmware
Metrics		cvssV3_1 `{'score': 8.0, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}`

Thu, 09 Apr 2026 08:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tp-link Tp-link ax53 V1
Vendors & Products		Tp-link Tp-link ax53 V1

Wed, 08 Apr 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 08 Apr 2026 18:45:00 +0000

Type	Values Removed	Values Added
Description		An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modification of configuration files, disclosure of sensitive information, or further compromise of device integrity. This issue affects AX53 v1.0: before 1.7.1 Build 20260213.
Title		OS Command Injection Vulnerability in OpenVPN Module in TP-Link AX53
Weaknesses		CWE-78
References		https://talosintelligence.com/vulnerability_reports/ https://www.tp-link.com/en/support/download/archer-ax53/v1/#Firmware https://www.tp-link.com/my/support/download/archer-ax53/v1/#Firmware https://www.tp-link.com/us/support/faq/5055/
Metrics		cvssV4_0 `{'score': 8.5, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L'}`

Subscriptions

Tp-link Archer Ax53 Archer Ax53 Firmware Ax53 V1

MITRE

Status: PUBLISHED

Assigner: TPLink

Published: 2026-04-08T17:52:29.336Z

Updated: 2026-05-07T15:47:04.878Z

Reserved: 2026-03-05T17:35:52.174Z

Link: CVE-2026-30815

Vulnrichment

Updated: 2026-05-07T15:47:04.878Z

NVD

Status : Modified

Published: 2026-04-08T19:25:20.320

Modified: 2026-05-07T16:16:18.397

Link: CVE-2026-30815

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-15T16:15:11Z

Weaknesses

CWE-78

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact Low

Subsequent System Availability Impact Low

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object