Description
An OS command injection vulnerability in the OpenVPN module
of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modification of configuration files, disclosure of sensitive information, or further compromise of device integrity.

This issue affects AX53 v1.0: before 1.7.1 Build 20260213.
Published: 2026-04-08
Score: 8.5 High
EPSS: 1.2% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An OS command injection flaw exists in the OpenVPN module of the TP‑Link Archer AX53 v1.0 firmware. An attacker who is authenticated and adjacent on the same network can craft a malicious configuration file that, when processed by the device, causes arbitrary shell commands to be executed. The vulnerability is a classic example of CWE‑78 and enables an attacker to alter device settings, extract sensitive information, or further compromise the device’s integrity.

Affected Systems

The TP‑Link Archer AX53 running firmware version 1.0, specifically before firmware 1.7.1 Build 20260213, is affected. Only this combination of vendor, product, and firmware version is listed in the CNA data.

Risk and Exploitability

The CVSS score of 8.5 indicates a high severity. The EPSS score is 1 %, suggesting a currently low likelihood of automated exploitation, and the vulnerability is not listed in CISA’s KEV catalog. The description states that the attacker must be authenticated and adjacent, which implies that the attack vector is likely local; this inference is drawn from the requirement that the attacker be able to access the router’s configuration interface. A locally connected attacker could therefore upload or influence a configuration file on the router to trigger the command injection.

Generated by OpenCVE AI on June 18, 2026 at 09:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware release (v1.7.1 Build 20260213 or newer) to the TP‑Link Archer AX53 router.
  • If an immediate firmware upgrade is not possible, disable the OpenVPN service or lock it down so only trusted users can manage the configuration.
  • Restrict network access to the router’s configuration interface to known administrators, ensuring that no unauthorized users can submit configuration files.
  • Verify firmware downloads using checksums or digital signatures provided by TP‑Link before installation.
  • Continuously monitor the device for unauthorized configuration changes or anomalous command execution logs.

Generated by OpenCVE AI on June 18, 2026 at 09:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 07 May 2026 16:30:00 +0000

Type Values Removed Values Added
References

Tue, 14 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link archer Ax53
Tp-link archer Ax53 Firmware
CPEs cpe:2.3:h:tp-link:archer_ax53:1.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:archer_ax53_firmware:*:*:*:*:*:*:*:*
Vendors & Products Tp-link archer Ax53
Tp-link archer Ax53 Firmware
Metrics cvssV3_1

{'score': 8.0, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Thu, 09 Apr 2026 08:30:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link
Tp-link ax53 V1
Vendors & Products Tp-link
Tp-link ax53 V1

Wed, 08 Apr 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 08 Apr 2026 18:45:00 +0000

Type Values Removed Values Added
Description An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modification of configuration files, disclosure of sensitive information, or further compromise of device integrity. This issue affects AX53 v1.0: before 1.7.1 Build 20260213.
Title OS Command Injection Vulnerability in OpenVPN Module in TP-Link AX53
Weaknesses CWE-78
References
Metrics cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L'}

Subscriptions

Tp-link Archer Ax53 Archer Ax53 Firmware Ax53 V1
cve-icon MITRE

Status: PUBLISHED

Assigner: TPLink

Published:

Updated: 2026-05-07T15:47:04.878Z

Reserved: 2026-03-05T17:35:52.174Z

Link: CVE-2026-30815

cve-icon Vulnrichment

Updated: 2026-05-07T15:47:04.878Z

cve-icon NVD

Status : Modified

Published: 2026-04-08T19:25:20.320

Modified: 2026-06-17T10:32:57.823

Link: CVE-2026-30815

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T09:30:15Z

Weaknesses
  • CWE-78

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')