XSS in Tp-link Systems Inc. Archer C5 V6.8
CVE-2026-8699
A stored Cross-Site Scripting (XSS) vulnerability has been identified in the web-based management interface of Archer C5 v6.8 routers, due to insufficient server-side validation and lack of proper output encoding of user-controlled input i…
Vulnerability class: XSS (Cross-Site Scripting)
Affected products
- Tp-link Systems Inc. Archer C5 V6.8 — versions 0
Weakness classification (CWE)
References
- f23511db-6c3e-4e32-a477-6aa17d310630 (vendor-advisory)