Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2026-9151
Deferred
More InfoOfficial Page
Source-f23511db-6c3e-4e32-a477-6aa17d310630
View Known Exploited Vulnerability (KEV) details
Published At-10 Jun, 2026 | 18:17
Updated At-10 Jun, 2026 | 19:41

An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability allows an adjacent, authenticated attacker to execute arbitrary commands on the device by importing a specially crafted VPN client configuration file. The issue stems from improper filtering of special characters.  Successful exploitation of this vulnerability may enable an attacker to gain full control of the affected device, potentially compromising configuration integrity, network security, and service availability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.5HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 8.5
Base severity: HIGH
Vector:
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-78Secondaryf23511db-6c3e-4e32-a477-6aa17d310630
CWE ID: CWE-78
Type: Secondary
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.tp-link.com/en/support/download/archer-ax12/#Firmwaref23511db-6c3e-4e32-a477-6aa17d310630
N/A
https://www.tp-link.com/en/support/download/archer-ax17/#Firmwaref23511db-6c3e-4e32-a477-6aa17d310630
N/A
https://www.tp-link.com/en/support/download/archer-ax18/#Firmwaref23511db-6c3e-4e32-a477-6aa17d310630
N/A
https://www.tp-link.com/us/support/download/archer-ax1300/#Firmwaref23511db-6c3e-4e32-a477-6aa17d310630
N/A
https://www.tp-link.com/us/support/faq/5125/f23511db-6c3e-4e32-a477-6aa17d310630
N/A
Hyperlink: https://www.tp-link.com/en/support/download/archer-ax12/#Firmware
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Resource: N/A
Hyperlink: https://www.tp-link.com/en/support/download/archer-ax17/#Firmware
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Resource: N/A
Hyperlink: https://www.tp-link.com/en/support/download/archer-ax18/#Firmware
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Resource: N/A
Hyperlink: https://www.tp-link.com/us/support/download/archer-ax1300/#Firmware
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Resource: N/A
Hyperlink: https://www.tp-link.com/us/support/faq/5125/
Source: f23511db-6c3e-4e32-a477-6aa17d310630
Resource: N/A
Change History
0Changes found
Details not found