RCE in Tp-link Systems Inc. Archer Vx1800v V1

CVE-2026-15427

An OS command injection vulnerability exists in the TR-069 / CWMP management interface of Archer VX1800v v1 due to insufficient input validation and sanitization of parameters, allowing crafted input to be executed as system-level commands…

Vulnerability class: Command Injection (OS Command Injection)

Affected products

Weakness classification (CWE)

References