Description
In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. 


An authenticated attacker with administrative privileges could exploit this issue to confirm the presence of the diagnostic utility and view its valid command-line syntax and options.  The exposed information is limited in scope and does not include sensitive system data.
Published: 2026-05-19
Score: 4.6 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Archer AX72 router’s web‑management interface contains a diagnostic feature that does not correctly validate malformed input. When an attacker submits invalid data, the interface returns a list of acceptable diagnostic command names and syntax. This disclosure allows an attacker to confirm that the diagnostic utility is present and learn how to use it, but it does not reveal passwords, configuration files, or other sensitive data.

Affected Systems

The only affected product is TP‑Link Systems Inc.’s Archer AX72 (SG) firmware version 1.0. No other vendors or product variants are listed in the advisory.

Risk and Exploitability

The CVSS score of 4.6 reflects a moderate confidentiality impact and no denial‑of‑service or privilege escalation. Exploitation requires an authenticated user with administrative privileges, which reduces the probability of a widespread attack. EPSS data is not available and the vulnerability is not listed in the KEV catalog, indicating that the current exploitation risk is low, though discovery of the diagnostic commands could assist future attacks if paired with other weaknesses.

Generated by OpenCVE AI on May 19, 2026 at 17:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to the latest version released by TP‑Link.
  • Restrict web‑interface access to trusted internal networks and enforce strong authentication.
  • Disable or limit the diagnostic feature so that only privileged users can use it.
  • Monitor router logs for abnormal diagnostic inquiries.

Generated by OpenCVE AI on May 19, 2026 at 17:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 19 May 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 19 May 2026 16:45:00 +0000

Type Values Removed Values Added
Description In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information.  An authenticated attacker with administrative privileges could exploit this issue to confirm the presence of the diagnostic utility and view its valid command-line syntax and options.  The exposed information is limited in scope and does not include sensitive system data.
Title Information Disclosure via Diagnostic Interface Due to Improper Input Validation on TP-Link's Archer AX72
Weaknesses CWE-209
References
Metrics cvssV4_0

{'score': 4.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: TPLink

Published:

Updated: 2026-05-19T17:06:21.425Z

Reserved: 2026-04-03T17:31:05.618Z

Link: CVE-2026-5511

cve-icon Vulnrichment

Updated: 2026-05-19T17:06:16.973Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-19T17:16:23.493

Modified: 2026-05-19T17:59:12.383

Link: CVE-2026-5511

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-19T17:30:10Z

Weaknesses