RCE in Tp-link Systems Inc. Archer Vx1800v V1
CVE-2026-15427
An OS command injection vulnerability exists in the TR-069 / CWMP management interface of Archer VX1800v v1 due to insufficient input validation and sanitization of parameters, allowing crafted input to be executed as system-level commands…
Vulnerability class: Command Injection (OS Command Injection)
Affected products
- Tp-link Systems Inc. Archer Vx1800v V1 — versions 0
Weakness classification (CWE)
References
- f23511db-6c3e-4e32-a477-6aa17d310630 (patch)
- f23511db-6c3e-4e32-a477-6aa17d310630 (vendor-advisory)