CVE-2026-8697
Analyzed Analyzed - Analysis Complete
Authentication Bypass in TP-Link Archer C64 SSH Service

Publication date: 2026-05-28

Last updated on: 2026-06-03

Assigner: TPLink

Description
Due to improper enforcement of authentication rate-limiting on a debug SSH service in Archer C64 v1, the SSH service allows unlimited authentication attempts and uses the same credentials as the web interface. This enables an attacker to brute-force valid credentials via SSH. Successful exploitation could allow an attacker with adjacent network access to obtain administrative credentials through unrestricted authentication attempts and subsequently gain full administrative access to the device, impacting system confidentiality, integrity, and availability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-28
Last Modified
2026-06-03
Generated
2026-06-17
AI Q&A
2026-05-28
EPSS Evaluated
2026-06-16
NVD
CVE-2026-8697
EUVD
EUVD-2026-32929
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tp-link archer_c64_firmware 1.15.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-306 The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CWE-288 The product requires authentication, but the product has an alternate path or channel that does not require authentication.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-8697 is a security vulnerability in the TP-Link Archer C64 v1 router caused by improper enforcement of authentication rate-limiting on a debug SSH service.

This SSH service allows unlimited authentication attempts and uses the same credentials as the web interface, which enables an attacker with adjacent network access to perform brute-force attacks to guess valid credentials.

Impact Analysis

Successful exploitation of this vulnerability could allow an attacker to obtain administrative credentials by brute-forcing the SSH service.

Once administrative access is gained, the attacker can fully control the device, impacting the system's confidentiality, integrity, and availability.

Mitigation Strategies

To mitigate the vulnerability CVE-2026-8697 on the TP-Link Archer C64 v1 router, users should immediately update their device firmware to the latest version released by TP-Link.

Specifically, update to firmware version 1.15.0 Build 250729 Rel.63489n(4555), which addresses the improper authentication rate-limiting issue on the debug SSH service.

Applying this update will prevent attackers from performing unlimited authentication attempts via SSH and protect administrative credentials.

Compliance Impact

This vulnerability allows an attacker to gain administrative access to the device by brute-forcing credentials due to improper authentication rate-limiting on the SSH service. Such unauthorized access can compromise the confidentiality, integrity, and availability of the system.

Compromise of administrative credentials and device control could lead to unauthorized access to sensitive data or disruption of services, which may result in non-compliance with common standards and regulations like GDPR and HIPAA that require protection of personal and sensitive information.

Therefore, failure to mitigate this vulnerability could increase the risk of data breaches or service interruptions, potentially violating regulatory requirements for data security and privacy.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-8697. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart