CVE-2026-9151
HIGHTP-Link Archer OpenVPN - Adjacent Authenticated OS Command Injection
Title source: manualExploitation Summary
EIP tracks 1 public exploit for CVE-2026-9151. PoCs published by wnaspy.
AI-analyzed exploit summary The repository contains a ZIP file with minimal content, including a requirements.txt and compiled Python bytecode files, but no actual exploit code or technical details about the vulnerability. The presence of compiled files and lack of source code raise suspicion.
Description
An OS command injection vulnerability exists in the VPN module of TP-Link Archer AX12 v1, AX17 v1. AX18 v1, and AX1300 v1.6 routers. This vulnerability allows an adjacent, authenticated attacker to execute arbitrary commands on the device by importing a specially crafted VPN client configuration file. The issue stems from improper filtering of special characters. Successful exploitation of this vulnerability may enable an attacker to gain full control of the affected device, potentially compromising configuration integrity, network security, and service availability.
Exploits (1)
The repository contains a ZIP file with minimal content, including a requirements.txt and compiled Python bytecode files, but no actual exploit code or technical details about the vulnerability. The presence of compiled files and lack of source code raise suspicion.
References (5)
Scores
CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X