CVE-2026-5509
Received - Intake
BaseFortify

Publication date: 2026-05-27

Last updated on: 2026-05-27

Assigner: TPLink

Description
An authenticated command injection vulnerability exists in the Archer BE450 v1 and BE7200 v1 routers that allows an administrator to execute arbitrary system commands through the web management interface. After successfully authenticating to the admin interface, an attacker can use the browser’s developer console to supply crafted input that is passed to backend system commands without adequate sanitization. Successful exploitation enables execution of arbitrary commands with elevated privileges on the device, which may allow the attacker to start unauthorized services, modify system configuration, or otherwise fully compromise the router’s operating environment.
Meta Information
Published: 2026-05-27
Last Modified: 2026-05-27
Generated: 2026-05-28
AI Q&A: 2026-05-27
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
archer be450 1
archer be7200 1
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an authenticated command injection flaw found in the Archer BE450 v1 and BE7200 v1 routers. It allows an attacker who has administrator access to the router's web management interface to execute arbitrary system commands. The attacker can use the browser's developer console to supply specially crafted input that is passed to backend system commands without proper sanitization.

Because the input is not adequately sanitized, the attacker can run commands with elevated privileges on the device, potentially taking full control of the router's operating environment.


How can this vulnerability impact me?

Exploiting this vulnerability can have serious impacts: it allows an attacker to execute arbitrary commands with high privileges on the affected router. Possible consequences include:

  • Starting unauthorized services on the device.
  • Modifying system configurations.
  • Fully compromising the router's operating environment.

What immediate steps should I take to mitigate this vulnerability?

To mitigate the CVE-2026-5509 vulnerability, users should immediately update the firmware of their Archer BE450 v1 and BE7200 v1 routers to version 1.3.0 Build 20260416 or later.

This firmware update addresses multiple security vulnerabilities including this command injection flaw, improves system stability, and adds new features.

It is strongly recommended to download the firmware update from the official TP-Link regional website and perform the upgrade locally to avoid warranty voidance or device damage.

Applying the update promptly is crucial as unpatched devices remain vulnerable to exploitation.

