XSS in Tp-link Systems Inc. Archer C5 V6.8

CVE-2026-8699

A stored Cross-Site Scripting (XSS) vulnerability has been identified in the web-based management interface of Archer C5 v6.8 routers, due to insufficient server-side validation and lack of proper output encoding of user-controlled input i…

Vulnerability class: XSS (Cross-Site Scripting)

Affected products

Weakness classification (CWE)

References