Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

archer_c60_firmware

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

1
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2026-1571
Assigner-TP-Link Systems Inc.
ShareView Details
Assigner-TP-Link Systems Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.01% / 2.17%
||
7 Day CHG-0.06%
Published-11 Feb, 2026 | 00:39
Updated-20 Feb, 2026 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reflected XSS Vulnerability on TP-Link Archer C60

User-controlled input is reflected into the HTML output without proper encoding on TP-Link Archer C60 v3, allowing arbitrary JavaScript execution via a crafted URL. An attacker could run script in the device web UI context, potentially enabling credential theft, session hijacking, or unintended actions if a privileged user is targeted.

Action-Not Available
Vendor-TP-Link Systems Inc.TP-Link Systems Inc.
Product-archer_c60archer_c60_firmwareArcher C60 v3
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')