CVE-2026-8913

Vulnerability Description

A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authenticated attacker with administrative privileges may be able to execute arbitrary commands when applying configuration changes.Successful exploitation may result in a full compromise of confidentiality, integrity, and availability of the affected device.

Vulnerability Details

Published Date

June 08, 2026

Last Modified

June 08, 2026

CWE ID

CWE-78

Source

NVD

External References

https://www.tp-link.com/en/support/download/archer-mr600/v5/#Firmware
https://www.tp-link.com/jp/support/download/archer-mr600/v5/#Firmware
https://www.tp-link.com/us/support/faq/5122/

CVE-2026-8913

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment