CVE-2026-0834

HIGH

Tp-link Archer Ax53 Firmware - Authentication Bypass by Spoofing

Title source: rule

Description

Logic vulnerability in TP-Link Archer C20 v6.0 and Archer AX53 v1.0 (TDDP module) allows unauthenticated adjacent attackers to execute administrative commands including factory reset and device reboot without credentials. Attackers on the adjacent network can remotely trigger factory resets and reboots without credentials, causing configuration loss and interruption of device availability.This issue affects Archer C20 v6.0 < V6_251031. Archer AX53 v1.0 < V1_251215

Exploits (1)

nomisec WORKING POC
by mattgsys · poc
https://github.com/mattgsys/CVE-2026-0834

References (3)

Scores

CVSS v3 8.8
EPSS 0.0001
EPSS Percentile 0.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-290
Status published

Affected Products (2)

tp-link/archer_ax53_firmware
tp-link/archer_c20_firmware

Timeline

Published Jan 21, 2026
Tracked Since Feb 18, 2026