CVE-2026-8913 – Command Injection in TP-Link’s Archer MR600 WireGuard Client Configuration

CVE ID :CVE-2026-8913

Published : June 8, 2026, 6:16 p.m. | 17 minutes ago

Description :A command Injection vulnerability exists in the WireGuard client configuration of Archer MR600 v5 due to improper neutralization of user-controlled input within the web management interface. An authenticated attacker with administrative privileges may be able to execute arbitrary commands when applying configuration changes.Successful exploitation may result in a full compromise of confidentiality, integrity, and availability of the affected device.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-49141 – WACRM Authorization Bypass via Automation Engine Endpoint

CVE-2026-47345 – TYPO3 HTML Sanitizer allows Cross-Site Scripting

CVE-2026-47344 – TYPO3 HTML Sanitizer allows Cross-Site Scripting

CVE-2026-46484 – Headplane: Path Traversal + RBAC Bypass in renameNode allows authenticated OIDC users to expire or rename any node/user