CVE-2026-0834

8.8 HIGH

Published: January 21, 2026 Modified: February 10, 2026

Description

Logic vulnerability in TP-Link Archer C20 v6.0 and Archer AX53 v1.0 (TDDP module) allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger factory resets and reboots without credentials, causing configuration loss and interruption of device availability.This issue affects Archer C20 v6.0 < V6_251031. Archer AX53 v1.0 < V1_251215

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://mattg.systems/posts/cve-2026-0834/

Source: f23511db-6c3e-4e32-a477-6aa17d310630

Permissions Required

https://www.tp-link.com/en/support/download/archer-ax53/v1/#Firmware

Source: f23511db-6c3e-4e32-a477-6aa17d310630

Product

https://www.tp-link.com/en/support/download/archer-c20/v6/#Firmware

Source: f23511db-6c3e-4e32-a477-6aa17d310630

Product

3 reference(s) from NVD

Quick Stats

CVSS v3 Score

8.8 / 10.0

EPSS (Exploit Probability)

0.0%

1th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-290

Affected Vendors

tp-link

Related CVEs

CVE-2026-4565 8.8

CVE-2026-4564 4.7

CVE-2026-4563 4.3

CVE-2026-4562 7.3

CVE-2026-2580 7.5