logo

TP-Link Patches Critical Archer MR600 Command Injection Flaw

ID: aa406b32-0c56-5b65-93a6-ccc2896057e3

STIX ID: report--aa406b32-0c56-5b65-93a6-ccc2896057e3

Feed Name: securityonline.info

Threat Score
65/100

Date Published: 2026-06-09

Date Updated: 2026-06-09

Author: Do Son

...
...

TP-Link issued an advisory for Archer MR600 v5 describing a command injection vulnerability in the WireGuard client configuration (CVE-2026-8913) that can allow an authenticated administrator to execute arbitrary commands via the web management interface; the flaw is rated CVSS 8.5 and TP-Link has released firmware updates (e.g., EU_V5_1.7.0, JP_V5_1.2.0) which users are urged to install immediately.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.