CVE-2018-19537

HIGH

TP-Link Archer C5 Firmware < V2_160201_US - Authenticated Remote Command Execution via Configuration File Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-19537. PoCs published by JackDoan.

AI-analyzed exploit summary: This repository contains a working proof-of-concept exploit for CVE-2018-19537, an authenticated RCE vulnerability in TP-Link Archer C5 routers. The exploit involves uploading a maliciously crafted configuration file to inject OS commands via the `wan_dyn_hostname` parameter, achieving root-level execution.

Description

TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases.

Exploits (1)

nomisec WORKING POC 20 stars
by JackDoan · poc
https://github.com/JackDoan/TP-Link-ArcherC5-RCE

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: TP-Link Archer C5 (all firmware versions)
Auth required
Prerequisites: Authenticated access to the router's web interface · Ability to upload a malicious configuration file
devstral-2 · analyzed Feb 16, 2026

References (1)

Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/JackDoan/TP-Link-ArcherC5-RCE

Scores

CVSS v3 7.2
EPSS 0.0598
EPSS Percentile 92.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (1)
tp-link/archer_c5_firmware < 2_160201_us
Published Nov 26, 2018
Tracked Since Feb 18, 2026