CVE-2026-5511

Severity CVSS v4.0:
MEDIUM
Type:
Unavailable / Other
Publication date:
19/05/2026
Last modified:
01/06/2026

Description

In the web management interface of Archer AX72 (SG) v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. <br /> <br /> <br /> An authenticated attacker with administrative privileges could exploit this issue to confirm the presence of the diagnostic utility and view its valid command-line syntax and options.  The exposed information is limited in scope and does not include sensitive system data.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:tp-link:archer_ax72_firmware:*:*:*:*:*:*:*:* 1.4.6 (excluding)
cpe:2.3:h:tp-link:archer_ax72:1.0:*:*:*:*:*:*:*